System and method for tracking and archiving mobile communications

ABSTRACT

A system tracks and archives communications between a mobile device and a telephone (which could be another mobile device) or an enterprise application software module. A gateway receives communications from and sends communications to a mobile software application installed on a mobile device. Communications can include text, multimedia voice and/or video information. When the mobile software application or enterprise application software module directs a communication to the telephone, the gateway determines whether to send the communication to the telephone via a copy of the mobile software application on the telephone or via a PBX system or a virtual number. Furthermore, the gateway sends a copy of the communication to an archiving system. To process the communication for archiving, the gateway can reformat the communication, create metadata associated with it, associate tags with it, encrypt it, compress it and/or transmit it.

RELATED APPLICATION

This application claims the benefit of U.S. Provisional Application No.62/171,890, filed Jun. 5, 2015, entitled “System and Method for TrackingSMS Messages,” which is incorporated herein by reference. This patentapplication is claiming priority to Patent Cooperation Treaty (PCT)patent application serial number PCT/US14/38713, filed on May 20, 2014,titled: System And Method For Tracking SMS Messages, which claimspriority to U.S. provisional patent application 61/825,496, titled:System and Method for Tracking SMS Messages, which was filed on May 20,2013, which is incorporated herein in its entirety by this reference.This patent application also is a continuation-in-part of U.S. patentapplication Ser. No. 13/031,495, filed on Feb. 21, 2011 and entitled“Systems and Methods for Secure Short Messaging Service and MultimediaMessaging Service, which issued on Jun. 13, 2017 as U.S. Pat. No.9,680,803, and which is incorporated herein by reference.

FIELD OF INVENTION

This invention relates to systems and methods for wirelesscommunication, cellular telephony, Internet-based systems and methods,software, computers, or a combination thereof. More particularly, theinvention relates to a system and method for tracking and archivingmobile communications.

COPYRIGHT NOTIFICATION

Portions of this patent application include materials that are subjectto copyright protection. The copyright owner has no objection to thefacsimile reproduction by anyone of the patent document itself, or ofthe patent application as it appears in the files of the United StatesPatent and Trademark Office, but otherwise reserves all copyright rightswhatsoever in such included copyrighted materials.

BACKGROUND

Systems and methods have existed for sending text messages, such as SMSmessages, for many years. Over the last decade, SMS usage has increasedsignificantly. SMS is now used for business communication. But suchbusiness use presents a number of challenges. Aside from encryption andsecuring communications, compliancy, reporting and auditing have becomemajor requirements for many vertical industries, such as finance,government and healthcare businesses. Present systems and methods formobile communications, including SMS communications, are inadequate tomeet these requirements.

Practically all mobile phones are capable of sending SMS messages. Theuser of the phone, however, typically must sign up for a proper SMS planwith his/her carrier. When SMS is used for communication, there is noeasy solution to trace the communication that is taking place. Thismakes SMS communication an unsuitable tool for an enterprise thatrequires tracking and reporting of the information for the purpose ofaudits and compliance.

When sending SMS from one mobile device to another, SMS is sent directlyfrom the mobile device to the carrier for that mobile device. If therecipient's mobile device is with the same carrier, then thecommunication is sent to the recipient's device. Otherwise, thecommunication is sent to the carrier of the recipient which againtransmits the communication to the recipient's mobile device. In eithercase, the typical path for SMS does not get stored in a manner that ismanaged by the enterprise. Although the communication via SMS is storedwithin the carrier infrastructure (including carrier partners andvendors), for an enterprise to obtain reports for the purpose ofcompliancy would require special arrangements with the carrier.

Furthermore, Bring Your Own Device (BYOD) is an industry trend and as aresult, more and more enterprises must deal with a variety of phones andcarriers. This makes having arrangements with carriers to obtain SMSreporting a difficult, if not impossible, task. Furthermore, in a BYODenvironment, when employees leave the company, they typically continuereceiving SMS messages on their personal mobile phone from theircustomers or other employees because there is no easy way to route SMSmessages of one phone to another. Even in a corporate environment inwhich the enterprise provides the phones, many employees may request toforward their phone numbers to their own personal mobile phone sincethey may receive personal calls or SMS messages on such numbers. Thisissue is more evident when many device manufacturers and/or mobilevendors offer containerization solutions for mobile devices, which allowenterprise and personal applications and/or information to coexist onthe same mobile phone.

There exist needs and potential for benefits for tracking communicationbetween employee and employee as well as between employee andconsumers/customers. As used in this specification, such tracking caninclude recording, archiving, making available for reporting and/orstoring for an extended period of time. Compliance with many differentregulations (such as SOX, FINRA and so on) requires tracking ofcommunications. For example, FINRA requires employees of financialinstitutions, more specifically brokers, to track their communicationswith their clients or consumers. Similarly, other institutions may haveto or wish to track forms of communication such as messaging or voice,all textual messages like email or SMS as well as all voicecommunication from mobile calls between their staff and customers.

In addition, there is a need to provide a personal number to mobileusers that is separate from the carrier assigned number and that allowsan enterprise to retain the ownership of such number and consequentlycontinue receiving the company's SMS messages and/or voice calls afterthe employee is gone.

It is an object of the present invention, among other things, to providea system and method that allows an institution or enterprise to trackand archive communications, such as the communication that takes placebetween an employee of an organization and consumers/customers of thatorganization, and to meet the needs described above.

Potential for improvement exists in these and other areas that may beapparent to a person of skill in the art having studied this document.

SUMMARY OF PARTICULAR EMBODIMENTS OF THE INVENTION

The contents of this summary section are provided only as a simplifiedintroduction to the disclosure, and are not intended to be used to limitthe scope of the appended claims.

In accordance with the purposes of the invention as embodied and broadlydescribed in this document, there is provided a system for tracking andarchiving communications between a mobile device and a telephone. Thesystem includes: a gateway configured for receiving communications fromand sending communications to a mobile software application that can beinstalled on a mobile device; and a PBX system including at least onephone number associated with a user of a first mobile device having acopy of the mobile software application wherein the mobile softwareapplication originates a communication with the gateway directed to atelephone. Upon receiving a communication from the first mobile softwareapplication directed to a telephone, the gateway determines if thetelephone can receive a communication with the mobile softwareapplication. If the gateway determines that the telephone can receive acommunication with the mobile software application, the gateway sendsthe communication to the mobile software application on the telephone.If the gateway determines that the telephone cannot receivecommunications via the mobile software application, the gateway sendsthe communication to the telephone via at least one of the PBX systemand the phone number associated with the user of the first mobiledevice. The gateway is configured for automatically sending a copy ofthe received communication to an archiving system. The communication caninclude one or more of text, multimedia, voice or video information.

The archiving system can be configured for at least one of: preservingthe communication; searching for the communication; reviewing thecommunication; and producing the communication for electronic discovery.The archiving system can comprise an email archiving system and thegateway can be configured for formatting the communication so that theemail archiving system can import the communication. Automaticallysending a copy of the received communication the archiving system cancomprise at least one of reformatting the communication, creatingmetadata associated with the communication, associating tags with thecommunication, encrypting the communication, compressing thecommunication and transmitting the communication.

In one embodiment, a system is provided for tracking and archivingcommunications between mobile devices and an enterprise applicationsoftware module. The system includes a gateway configured for receivinga communication sent from the enterprise application software module toa mobile device. The gateway is configured for automatically sending acopy of the received communication to an archiving system that isconfigured for at least one of: preserving the communication; searchingfor the communication; reviewing the communication; and producing thecommunication for electronic discovery. In addition, the gateway isconfigured for determining if the mobile device can receive acommunication with a mobile application. If the gateway determines thatthe mobile device can receive a communication with the mobileapplication, it can send the communication to the mobile application onthe mobile device. If the gateway determines that the mobile devicecannot receive a communication with the mobile application, it can sendthe communication to the mobile device via at least one of a short codeand a long code associated with the enterprise application softwaremodule. The communication can include one or more of a short messagingservice (SMS) message, a multimedia messaging service (MMS) message, achat message, a voice call, an email message or a video.

According to one aspect of the invention, method for tracking andarchiving communications between two mobile devices is provided. Themethod includes: receiving at a gateway a communication originated froma mobile application software module configured to run on a first mobiledevice, wherein the communication is encrypted; sending thecommunication from the gateway to a second mobile device using a virtualnumber associated with at least one of the first mobile device, themobile application software module configured to run on the first mobiledevice, and a container on the first mobile device, wherein thecontainer contains the application software module and is configured toprovide a secure or managed segment for applications or data; and at thegateway, creating a copy of the communication for uploading to anarchiving system. The archiving system is configured for at least oneof: preserving the communication; searching for the communication;reviewing the communication; and producing the communication forelectronic discovery. The uploading includes at least one ofreformatting the communication, creating metadata associated with thecommunication, associating tags with the communication, encrypting thecommunication, compressing the communication, transmitting thecommunication and importing the communication to the archiving system.The mobile application software module can be configured to run within acontainer on the first mobile device, wherein the container isconfigured to provide a secure or managed segment for applications ordata.

More than one virtual number can associated with at least one of thefirst mobile device, the mobile application software and the container;and the method can include, with the gateway, selecting one of theassociated virtual number for sending the communication based on atleast one of: the country code of a telephone number of the secondmobile device; an area code of the telephone number of the second mobiledevice; a virtual number previously used to communicate with the secondmobile device; the cost of the communication, and the route of thecommunication. The communication originated from the mobile applicationsoftware module can identify one of the associated virtual numbers, andthe identified virtual number can be used for sending the communicationfrom the gateway.

According to another aspect of the invention, a method is provided forarchiving a conversation including voice communications of a pluralityof parties to the conversation. The method includes: separately storingthe voice communication from each of the parties to the conversation;assigning to each of the separately stored voice communications atimeline tag to indicate a time reference for each of the voicecommunications; generating a transcription of each of the separatelystored voice communications; and using the timeline tags and thetranscriptions of each of the separately stored voice communications togenerate a transcription of the conversation.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are incorporated in and constitute apart of the specification, illustrate the presently preferredembodiments and methods of the invention and, together with the generaldescription given above and the detailed description of the preferredembodiments and methods given below, serve to explain the principles ofthe invention. The drawings illustrate, among other things, variousparticular examples of embodiments and methods, and certain examples ofcharacteristics thereof. Different embodiments include variouscombinations of elements or acts shown in the drawings, describedherein, known in the art, or a combination thereof.

FIG. 1A is a block diagram illustrating one embodiment of a system thatcan be used for tracking and archiving messages in accordance with theinvention, which can be used for tracking and archiving SMS messages andvoice communications.

FIG. 1B is a block diagram illustrating another embodiment of a systemin accordance with the present invention, which can be used for trackingand archiving messages SMS messages and voice communications.

FIG. 2 is a block diagram illustrating still another embodiment of asystem in accordance with the present invention, which can be used fortracking and archiving email messages and SMS messages.

FIG. 3 illustrates an example of a business card for promoting a longcode (virtual number) as a text messaging telephone number of anemployee, according to some methods of the invention.

FIG. 4 is a block diagram illustrating communication of SMS messagesbetween a subscriber's (e.g., employee's) mobile device and anon-subscriber's (e.g., customer's) mobile device in accordance with thepresent invention.

FIG. 5 is a block diagram showing communication channels linking an SMSserver with a plurality of subscriber (e.g., employee) mobile devices, acustomer (non-subscriber) device, customer application servers, anadministrator/operator portal and an archiving system.

FIG. 6 is a diagram illustrating an exemplary process for communicatingSMS messages between a non-subscriber's mobile device and a securemobile application on a subscriber's mobile device using a virtualnumber, all in accordance with the present invention.

FIG. 7 is a block diagram of one example of a system that can beconfigured for managing SMS and mobile voice communications in anencrypted and secure manner, with which various embodiments and methodsof the invention can operate.

FIG. 8 is a block diagram illustrating an example of a system formanaging and disseminating information and/or messages for a number ofusers, which system can be used in connection with the presentinvention.

FIG. 9 illustrates communication between mobile users and/or thirdparties via a gateway 115 in order to create, send, receive, and/orstore short messaging service (SMS) messages and multimedia messagingservice (MMS) messages in a secure manner.

FIG. 10 illustrates installation and registration of a software moduleon a mobile device.

FIG. 11 further illustrates communication between mobile users and/orthird parties via a gateway 115.

FIG. 12 is a flowchart illustrating an example of a method for securelytransmitting a message, such as an SMS message or an MMS message.

FIG. 13 is a flowchart illustrating another method for securelytransmitting a message.

FIG. 14 is a block diagram illustrating an example of theserver-side/client side information flow for an embodiment of a systemfor managing mobile voice communications in an encrypted and securemanner.

FIG. 15 is a flowchart illustrating an example method of managing mobilevoice communications in an encrypted and secure manner.

FIG. 16 is a block diagram illustrating another embodiment of a systemin accordance with the present invention, which can be used for trackingcommunications.

DETAILED DESCRIPTION OF EXAMPLES OF EMBODIMENTS

The present disclosure provides, among other things, a number ofembodiments and methods for managing short messaging service (SMS)messages and multimedia messaging service (MMS) messages in a securemanner and for tracking such messages. While various embodiments andmethods are described in sufficient detail to enable those skilled inthe art to practice the invention, it should be understood that otherembodiments may be realized and that various changes may be made withoutdeparting from the spirit and scope of the invention. Thus, the detaileddescription herein is presented for purposes of illustration only andnot of limitation. For example, the steps recited in any of the methodor process descriptions may be executed in any order and are not limitedto the order presented.

Moreover, for the sake of brevity, certain sub-components of theindividual operating components, conventional data networking,application development and other functional aspects of the systems maynot be described in detail herein. Furthermore, the connecting linesshown in the various figures contained herein are intended to representexemplary functional relationships and/or physical and/or electroniccouplings between the various elements. It should be noted that manyalternative or additional functional relationships or physicalconnections may be present in a practical system.

As used herein, a “mobile device” may be any device configured fortransmitting and receiving electronic communications, for example acellular phone, a satellite phone, a Palm Pilot™ device, personaldigital assistant (PDA), BlackBerry™ device, iPhone™ device, iPad™tablet computer, Samsung Galaxy Note™ smartphone and tablet computer,Samsung Galaxy Tab™ tablet computer, smartphone, desktop computer,laptop computer, tablet computer, netbook, portable device forcommunication, or the like. Throughout various exemplary embodimentsillustrated or discussed in this disclosure, a mobile device may bereferred to herein as a “phone” or “mobile phone”, but it should beunderstood that it may have other functionality or be any other type ofmobile device.

Use of Long Code as Virtual Phone Number

According to one aspect of the present invention, a long code 302 istied to an employee's standard phone number, and the long code 302 ispromoted as the phone number for the employee, such as via a businesscard 320 (see FIG. 2). Instead of using the true phone number assignedby the carrier to the SIM card of the employee's mobile device, the longcode 302 is published as the employee's phone number. A long code is avirtual phone number. Long codes are similar to standard phone numbersassigned to SIM cards by the carriers. There are companies that hostlong codes or provide long codes as their products/services. Suchcompanies typically offer long codes for SMS chat or virtual phonenumbers for Voice over IP or VoIP. Short codes are special numbers thatare assigned through aggregators to business for the purpose of SMScommunication. The number of digits for short codes may vary atdifferent times and/or different countries. Today, typically the lengthof a short code in the USA is 5 or 6 digits. Although there are 3-digitor 4-digit short codes, carriers typically reserve them for specialoccasions such as exclusive to carrier communications or specialpartners/circumstances such as critical message delivery.

Although both short codes and long codes may be used for sending andreceiving SMS messages, there are some differences between them. Shortcodes are expensive and it would be cost prohibitive to assign a shortcode to ever) mobile phone in an enterprise. Short codes have largerthroughputs and can process more messages per second. Furthermore,messages sent over a short code can be forwarded faster than messages onlong code. In United States and many other countries, short codes arehighly regulated by carriers and oversight entities such as the MobileMarketing Association or MMA. Short codes are typically used forpurposes such as mobile marketing or alerts where messages arebroadcasted from computers to many mobile devices. In the United Statesand many other countries, long codes are prohibited for tasks such asmobile marketing or alerts and are not allowed to be used instead ofshort codes. In such markets, long codes are typically allowed for taskssuch as chat between mobile devices. Long codes have also been offeredas virtual phone numbers for VoIP communication. In such cases, thevirtual phone number is assigned to a user. Hence dialing the virtualphone number will forward the voice traffic to the user's computer,tablet or phone. In such cases, there is no correlation between thevirtual phone number and the actual phone number of the mobile deviceassigned by mobile carrier. In another words, the phone number isassigned to the user rather that the mobile device of the user. In othercases, the phone number can be associated with specific enterpriseapplication software (EAS).

A long code is similar to a short code in terms of SMS functionalities.The length of the long code, however, is typically the same as standardphone numbers. For example, in the United States, long codes are 10digits. According to one aspect of some embodiments of the presentinvention, when a mobile user sends a message to a long code (or shortcode) that is assigned to a business (Mobile Originated or MO), thecarrier receives the message via a carrier mobile network and routesthat message to a communication gateway, such as an SMS gateway of thebusiness or an aggregator that provides aggregation services to thebusiness.

The gateway can reside, for example, within the data center of thebusiness or in the cloud. The carrier can use the Internet or othernetworks to send the message to the gateway. Next, the gateway deliversthe message to the recipient business. In most cases the gateways areused for business-to-consumer marketing. In such cases, the gateway isprovided by an aggregator that routes the messages or communicationbetween subscribers of the carriers and businesses that are customers ofthe aggregator. In such cases, the business may be considered a contentprovider and the mobile subscribers may opt-in to receive the contents.In other embodiments, when the business sends a message to a mobile userphone number (Mobile Terminated or MT), the message is delivered to acommunication gateway, such as an SMS gateway which routes the messageto the carrier. In turn, the carrier uses the carrier mobile network tosend the message to the mobile user's device. In some embodiments, thereare multiple communication gateways involved in routing of the messages.In other embodiments, the message can be an SMS type message, a datatype message (such as IPSMS which are messages that are sent over a datachannel instead of an SMS channel) or a voice communications.

Exemplary System Embodiments

Referring to the examples of FIGS. 1A and 1B, a system 100 that can beused for tracking and archiving messages in accordance with theinvention includes mobile devices 31 and 41, such as mobile phones,which are serviced through mobile phone networks 40 a, 40 b incommunication with one or more carriers 304 a, 304 b, respectively. Itwill be understood that the mobile devices 31 and 41 serve as examplesof a larger number of mobile phones. The mobile devices 31, 41 and cansend messages to carriers 304 a, 304 b, respectively. Carriers 304 a,304 b are in communication with a communication gateway 115, which is incommunication with an archiving system 306. As shown in FIG. 7, thegateway 115 can run on a server 15 and can communicate with carriers 304and the phone network 40 via the Internet 10. A virtual phone numberprovider 300 also can communicate (e.g., via the Internet 10) with oneor more of the carriers 304 and with the gateway 115.

With the embodiment of FIG. 1A all messages between mobile phones 31 and41 are routed through the gateway 115. Although the gateway 115 isreferenced in FIG. 1A as an SMS gateway, it will be understood that thegateway 115 need not be limited to an SMS gateway but can be acommunication gateway that can handle other types of communications suchas IPSMS, chat, text messaging, Multimedia Messaging Service (MMS),voice, video, email, or other types of digital or analog communicationsused for text, voice, video and multimedia. Accordingly, the gateway 115can send messages to the archiving system 306 via email or API. Thevirtual phone number provider 300 and gateway 115 can be operated by thesame or different operators, at the same physical location, on the samenetwork, share the same virtual machine resources, and/or run on thesame system. Similarly, the virtual phone number provider 300 andgateway 115 can be on or in separate systems, networks or physicallocations. Typically, the gateway 115 can be implemented in the cloud,on premises or as software as a service (SaaS). Similarly, virtual phonenumber provider 300 typically can be implemented in the cloud, onpremises or as SaaS.

With the embodiment of FIG. 1B, all messages between mobile phones 31and 41 are routed thorough the virtual phone number provider 300.However, all communication control is routed through the gateway 115. Inother words, the gateway 115 controls, manages, authorizes and tracksthe message flow. To achieve this, according to one example, the mobiledevice 41 registers with the gateway 115 before sending messages. Next,the gateway 115 communicates with the virtual phone number provider 300to exchange a security token that authorizes the mobile device 41 toroute messages through the virtual phone number provider 300. In turn,the gateway 115 sends the security token to the mobile device 41, whichauthorizes the mobile device 41 to route messages through the virtualphone number provider 300. Once so authorized, the mobile device 41 cancommunicate with another mobile device 31. With the embodiment shown inFIG. 1B, the virtual phone number provider 300 can store the messageslocally in temporary storage 308 and transfer the saved messages to thegateway 115 at a later time. In turn, the gateway 115 can then send thesaved messages to the archiving system 306. e.g., via email or API.

FIG. 2 illustrates an exemplary system 100 that can be used for trackingemail messages in accordance with the invention. In the embodiment ofFIG. 2, an email client on the mobile device 41 can be used tocommunicate with the carrier 306 b, which is in communication with thegateway 115 via an email gateway 310 and an email-to-message relay 312.As shown in FIG. 2, any or all of the email gateway 310, theemail-to-message relay 312 and the gateway 115 can send messages to thearchiving system 306. Also, it will be understood that any or all of theemail gateway 310, the email-to-message relay 312 and the gateway 115and the virtual phone number provider 300 can run on the same server ordifferent servers.

Still referring to FIGS. 1-2, the gateway 115 is used to receive andsend messages. In some embodiments, the gateway 115 is a full featuregateway that can receive messages sent from a mobile device to a longcode (or short code). Such messages are referred to in the industry asMobile Originated or MO. The gateway 115 also can send messages to amobile device. Such messages are referred to as Mobile Terminated or MT.In the case of MO, the mobile device sends the message to a long code,which is routed to the gateway by the carrier (either directly orthrough other gateways). In the case of MT, the gateway sends themessage to the carrier of the mobile device using the long code (eitherdirectly or through other gateways), which is then transmitted to themobile device. To the user of the mobile device, the message is receivedfrom the long code. Hence, if the long code is promoted as an employee'sphone number, the recipient of the message would think the message iscoming from the employee's mobile phone. In fact, if the recipient ofthe message has the long code associated with the name of the employeeof an organization in the mobile device contact list, as is the case forregular numbers today, the recipient's mobile phone typically shows theemployee's name and/or name and phone number as the sender of themessage. When the user replies to the message, received from a longcode, the MO can be pushed from the gateway to a secure mobileapplication (or “app”) 201 residing on the employee's mobile device(sometimes referred to herein as SecureSMS or SecureVoice Micro Client).The message may use the user's name, phone number and/or otherinformation to indicate the user as the sender of the message. When theemployee replies to the message, the mobile application 201 sends themessage to the gateway 115 which associates the mobile application 201to the long code. Hence the employee's messages are sent from that longcode. At the gateway 115, the message is also sent to the archivingsystem 306. Most companies use email archiving systems such as HPAutonomy, Global Relay, ArcMail, IBM Content Collector, Smarsh orSymantec Enterprise Vault. For a more comprehensive list of suchproducts, please see Gartner Magic Quadrant for Enterprise InformationArchiving athttp://www.storagenewsletter.com/rubriques/market-reportsresearch/gartner-magic-quadrant-for-enterprise-information-archiving.Such archiving systems are typically used for eDiscovery and are capableof archiving email communication within the enterprise. Hence thegateway 115 can email the message to the archiving system 306 or use anAPI to send the message to the archiving system 306. The gateway 115furthermore manages the long codes. For example, long codes can assignedto mobile apps and can be tracked to prevent duplicate assignments. Whena mobile app 201 has a long code 302 assigned to it, the term “dualpersona” can be used to describe the status of mobile device.Furthermore, more than one long code can be assigned to a given mobileapp 201. In such cases, the mobile app 201 has multiple personas,meaning that the mobile app 201 can send messages from multiple numbersand can receive messages from multiple numbers. For example, the mobileapp 201 can send messages in Japan via a long code in Japan and themessages in the United States will go through a US long code. Similarly,the mobile app 201 can communicate with many countries through numbersthat are local to the recipients in that country.

FIG. 5 illustrates communication channels linking an SMS server with aplurality of subscriber (e.g., employee) mobile devices, a customer(non-subscriber) device, customer application servers, anadministrator/operator portal and the archiving system 306. As shown inFIG. 5, in cases, the communication is between two or more separatesubscriber phones 41. In many cases the communication is between two ormore subscriber phones 41 and non-subscriber phones 31. Yet in somecases the communication is between two or more non-subscriber phones 31.The communication can be SMS, IPSMS, voice, MMS, Email, instantmessaging or video. In some embodiments, the communication can bebetween one or more subscriber phones 41, non-subscriber phones 31 andenterprise application software (EAS) modules connected to the gateway115 via API integration. Such EAS modules may use any number ofcommunication protocols to communicate with gateway 115. Some examplesof such protocols are HTTP/HTTPS/TCP/IP/SMTP/SMPP/XMPP/FTP/SFTP andSNPP. There are many other computer protocols that can be use; some ofthese are listed athttps://en.wikipedia.org/wiki/Lists_of_network_protocols.

Still referring to FIG. 5, the enterprise application software can beany type of computer software that is used to satisfy the needs of anorganization. Amongst others, EAS can be computer software used foraccounts receivable, accounts payable, stock and/or bond management,checking and/or saving account, inventory control, credit and/or debitcard management or any other type of software that is used in industriessuch as airlines, banking and finance, manufacturing, technologyindustry and more.

When communicating between any number of subscriber phones 41,non-subscriber phones 31 and/or EAS modules, all communication trafficis managed and routed through the gateway 115, which is also incommunication with the archiving system 306 (either directly or throughthird party vendors). Hence all communication (a copy of allcommunication) is transmitted to the archiving system 306. Thetransmission may be real time (meaning while the communication is takingplace) or store and forward (meaning a copy of the communication (data)is first stored and then transmitted at a later time). The copy of thecommunication may be transmitted in one or more formats. For example,the gateway 115 may transmit the data in XML, JSON, CSV, MicrosoftExcel. or other formats. Similar to Enterprise Application Software, thearchiving system 306 may use any number of protocols to communicate withthe gateway 115, including but not limited toHTTP/HTTPS/TCP/IP/SMTP/SMPP/XMPP/FTP/SFTP. Furthermore, the copy of thecommunication may be encrypted or compressed prior to transmission.

In some embodiments additional metadata in regard to the communicationmay be generated in order to facilitate the preserving, searching,reviewing and producing communication for electronic discovery. Metadatais data that describes other data. Metadata may summarize basicinformation about a communication which can make finding and workingwith particular instances of data easier. Some examples of metadata aredate and time of communication, length of communication, name ofparticipants, type of communication and more. In some embodiments, whena communication is a group chat (group message conference) or voiceconference, the metadata may include who is in the conference, or whojoined the conference or who left the conference. Such metadata mayfurther include date and time of joining or leaving the conference. Somemetadata may include header information about the communication such asname of the conference, purpose of the conference and more. For thepurpose of clarity, group message conference is a type of group chatthat follows some of the features of the voice conference calling. Forexample, participants can be invited to attend the conversation. In someembodiments, the creator of the message conference is the moderator andhas special privileges such as adding participants, removingparticipants and dissolving the message conference. The participants mayleave the message conference, or join message conference. The messageconference may have subject line that is defined at the time the messageconference is created. In some cases, the participants can see who iscurrently attending the message conference and in some cases, when aparticipant joins or leaves the message conference, others are notified.For example when Joe Smith leaves, other participants may receive themessage “Joe Smith has left the conversation”. In another example, whenJoe Smith joins the conversation, other participants may receive themessage “Joe Smith has joined the conversation.” All events of themessage conference are recorded by the gateway 115 as metadata for theconversation. Hence the gateway 115 is able to determine theparticipants that are present in the conversation for any communication.Furthermore, the gateway 115 tracks the metadata for the sender of themessage and recipients of the message, as well as the acknowledgementssuch as message received by the gateway 115, message sent to therecipient by the gateway 115, message received by the recipient, messageopened by the recipient, message deleted by the recipient, messageforwarded by the recipient and other types of acknowledgements that maybe a proof positive for showing the exact status of the message.

Furthermore, in some embodiments, prior to transmitting the data, thecommunication (copy of the communication data) may be reformatted suchas by splitting, separating, adding tags or recording in multiplechannels, which further facilitates the preserving, searching, reviewingand producing communication for electronic discovery. The metadata maypertain to the reformatted communication. For example the metadata maypertain to splitting, separating, adding tags or multichannel recordingof the communication. In such scenarios the communication is firstreformatted (for example splitting, separating, adding tags ormultichannel recording), then metadata is generated for the reformattedcommunication. In some embodiment the communication is reformatted tomake it feasible for the archiving system 306 to ingest, merge or importthe communication. For example reformatting of the communication may berequired (for example additional tags) to make the process of importingthe communication into the archiving system 306 feasible or easier. Someexamples of such tags include a keyword, symbol, attributes of thecommunication or the whole or a portion of the communication itself,which can help archiving system 306 to understand how to preserve,search and/or produce information. The transmission of the communicationto the archiving system 306 may consist of transmitting one or more ofthe communication itself, a copy of the communication, metadata,reformatted communication, tags or any combination of thereof.

One simplified example of such reformatting is as follow:

<ArchivingDate>November12, 2015</ArchivingDate><MessageConferenceID>123456</MessageConferenceID> <Participant>JoeSmith</Participant> <Participant>Bob Jonson</Participant><Participant>Anna Davis</Participant> <MessageSender>BobJonson</MessageSender> <MessageID>789</MessageID> <MessageBody>Helloeveryone</MessageBody> <MessageDate>11/12/2015:08:31:01</MessageDate><MessageDelivery>AnnaDavis/MSGID:789/MSGDATE:11/12/2015:08:31:02</MessageDelivery><MessageOpen>AnnaDavis/MSGID:789/MSGDATE:11/12/2015:08:31:03</MessageOpen><ParticipantJoined>BryanBrown/JOINDATE:11/12/2015:08:31:04</ParticipantJoined><MessageDelivery>JoeSmith/MSGID:789/MSGDATE:11/12/2015:08:31:05</MessageDelivery> <MessageOpen>JoeSmith/MSGID:789/MSGDATE:11/12/2015:08:31:06</MessageOpen><MessageSender>Bob Jonson</MessageSender> <MessageID>790</MessageID><MessageBody>I will not be in the office today</MessageBody><MessageDate>11/12/2015:08:31:07</MessageDate> <MessageDelivery>JoeSmith/MSGID:790/MSGDATE:11/12/2015:08:31:08</MessageDelivery><MessageDelivery>AnnaDavis/MSGID:790/MSGDATE:11/12/2015:08:31:09</MessageDelivery><MessageDelivery>BryanBrown/MSGID:790/MSGDATE:11/12/2015:08:31:10</MessageDelivery>

Many archiving systems are designed to preserve, search and/or produceinformation based on email formats. In such scenarios, the gateway 115can reformat the communication to match an email format or create anoutput that matches what the archiving system 306 is capable ofunderstanding. To do so, the communication can be formatted and/ortagged and/or metadata can be created that is suitable for import to thearchiving system 306.

The process of reformatting, creating metadata, adding tags, encrypting,compressing, transmitting and any combination of thereof as describedherein, is referred to as the “Upload Process”. The Upload Process mayor may not include the import into the archiving system 306. The UploadProcess can be performed at the gateway 115 itself or as a separateprocess that is on the same network as the gateway 115 or a differentnetwork. Hence, for example, it is possible to first perform the processof reformatting, creating metadata and/or adding tags and then transmitthe result for the import to the archiving system 306 or transmit firstand then perform the process prior or during the import to the archivingsystem 306.

FIG. 16 illustrates another exemplary embodiment of a system 100 fortracking communications in accordance with the invention, wherein themobile devices 31 and 41 utilize native operating system's communicationtools such as standard SMS editors and phone dial pads for making andreceiving voice calls that are shipped with the device as part of theoperating system. Such native operating system tools may includeiMessage or FaceTime Apps or any other Apps that are provided by thedevice manufacturer for the purpose of communication such as sending andreceiving of messages (whether in the form of SMS or Instant Messaging),or for making or receiving of phone call, or video chats. In theembodiment of FIG. 16, the communication that may be utilizing thedevice phone number (phone number associated with the SIM card) to reacha carrier 304 a, is forwarded to the gateway 115 from that carrier 304a. In turn, that communication is forwarded from the gateway 115 to thearchiving system 306. For example, referring to FIG. 16, thecommunication from the mobile device 31 (which does not have the mobileapplication 201) is sent to the carrier 304 a that is providingcommunication services to that mobile device. Such communicationtypically goes through the Circuit Switched Network, however in someembodiments it may utilize a Packet Switched Network. The carrier 304 aroutes a copy of the communication to the gateway 115, which in turnforwards it to the archiving system 306. In this scenario, the gateway115 can have programming instructions to communicate with a variety ofarchiving systems. In some scenarios, the archiving system 306 may behosted by the owner of the mobile device 31 (which typically is anenterprise or corporation but in some cases may be an individual), orhosted at the carrier 304 a or some other carrier, or hosted at the samedatacenter as the gateway 115, or hosted by a third party which may ormay not be the manufacturer of the archiving system 306. It isunderstood, however, that at least one proper archiving system isassociated with the mobile device 31. For example, the phone number formobile device 31 can be defined at the carrier 304 a or gateway 115 toassociate with the archiving system 306. In this scenario, after thecarrier 304 a sends a copy of the communication to gateway 115, itcontinues with the processing of the communication as usual and forwardsthe communication to the mobile device 41, which in some cases may be byway of another carrier 304 b that is providing communication services tothe mobile device 41. In this example, neither mobile device 31 normobile device 41 is required to run any special application and could beutilizing the native communication tools that are provided by theirrespective operating systems. In some embodiments, however, eithermobile device 31 or mobile device 41 or both can have a secure containeron that mobile device. In some embodiments, the communication in theabove example can come from inside a secure container. For example, theuser of mobile device 31 attempts to establish communication with mobiledevice 41. Hence the user opens the contact list within the containerand finds the contact phone number for mobile device 41 and initiates anSMS or voice communication. In this example, although the communicationis initiated from the inside container but it will be using the devicenative communication tools.

In one specific example of the above embodiment, mobile device 31 sendsan SMS or text message to mobile device 41. Mobile device 31 uses thestandard SMS editor that is provided by the operating system of thatmobile device. Hence the SMS message is transmitted through a carriernetwork (GSM or CDMA for example) to the carrier 304 a. The carrier 304a routes the SMS message to the mobile device 41, and a copy of the SMSmessage is also transmitted to the gateway 115 for delivery to thearchiving system 306. In this specific example, the phone number of themobile device 31 is correlated to the archiving system 306. Thecorrelation may be set at the carrier side or at the gateway 115. Forexample, the owner of the mobile device 31 can request the carrier 304 ato forward a copy of all communication (SMS in this example) to and/orfrom mobile device 31 to be sent to the gateway 115 for archiving at thearchiving system 306. Such request may be done through the gateway 115and transferred to carrier 304 a. It should be understood that allcommunications such as voice, messaging, SMS or email can be queued orstored at various points before transition to the next stage ortransmitted in real time. For example, the carrier 304 a may store allvoice communication first and transmit the entire commutation to thegateway 115 after the voice communication is completed. In otherembodiments, the carrier 304 a may forward a copy of the voicecommunication to the gateway 115 in real time and while thecommunication is in progress. In some embodiment the carrier 304 a maycreate a file containing a copy of the communications at specificintervals which can then be transferred to the gateway 115 by way ofcommunication protocols such as HTTP, HTTPS, FTP or SFTP. In someembodiments, the carrier 304 a may send an email containing the contentof the communications to the gateway 115. In such scenarios the gateway115 has the programming instructions to capture the email sent by thecarrier 304 a and to extract the content of the communication, obtaininformation about the communication, or reconstruct the communication.Similarly, the gateway 115 may store and forward the communication ortransmit the communication to archiving system 306 in any of the methodsdescribed above for carrier 304 a and gateway 115.

In some embodiments, the PBX, VoIP PBX or IP PBX (collectively referredto herein as PBX) of the enterprise can be used for routing of the voiceor message communication. Many enterprises have a PBX system that isused for voice communication. Typically, the PBX has communicationlines, in the form of T1, E1 or ISDN for example, for connection topublic telephone network or PSTN. In most scenarios, a list of DIDs orphone numbers are assigned to the PBX, which are used for makingoutbound calls or receiving inbound calls to the enterprise. In someembodiments the gateway 115 can utilize the DID of the PBX to make anoutbound call or receive an inbound call. In this scenario, when a voicecall is received by the gateway 115 from secure mobile module 201, thegateway connects to the PBX and utilizes the DID associated with mobilemodule 201 to make an outbound call. Similarly, when an inbound call isreceived by the PBX for the DID number associated with mobile module201, the PBX utilizes the gateway 115 to send the call to mobile module201. In typical scenarios, the gateway 115 sends a copy of thecommunication to an archiving system 306 before sending to or afterreceiving from the PBX. Additionally, the DIDs can be SMS enabled, whichmeans any SMS sent to such DIDs (Mobile Originated or MO) are ultimatelyrouted (by carriers or telecom companies) to the gateway 115.Consequently, the gateway 115 can utilize such SMS enabled DIDs to sendout an SMS message (Mobile Terminated or MT). In such scenarios, Whenmodule 201 sends an outgoing message, gateway 115 utilizes the DIDnumber associated with mobile module 201 to send out an MT SMS message.Similarly, when an MO SMS message is sent to the DID, the gateway 115sends the message to the mobile module 201 associated with that DIDnumber. In typical scenarios, the gateway 115 sends a copy of thecommunication to an archiving system 306 before sending to or afterreceiving from the mobile module 201.

In some embodiments, the gateway 115 can determine whether the incomingcommunication for a subscriber (mobile phone 41) is forwarded to theenterprise PBX or the mobile phone 41 based on the location of the phone41. For example, if the subscriber is within certain vicinity or an areaof interest, the voice calls are forwarded to the enterprise PBX,whereas if the subscriber is elsewhere, the phone calls are forwarded tophone 41. In other embodiments, the communication can be forwarded toboth to the enterprise PBX or subscriber's mobile phone 41 at the sametime. In such scenarios, the gateway 115 can stop routing thecommunication to one or the other once the subscriber has been reached(for example the call or video conferencing request has been answered orgone to a voicemail).

In some embodiments the gateway 115 can determine if the mobile phone 41is able to receive communication via a mobile software application 201(mobile app). In another words, when the mobile device 41 has thecorrect mobile app 201 installed and the mobile app 201 is properlyconfigured and registered to communicate with the gateway 115, then thegateway 115 can determine if a copy of the mobile app 201 is installedon the mobile device 41.

In some embodiments, more than one virtual number may be assigned to themobile application software 201 that is running on the mobile device.The mobile application software 201 can be within a container (i.e.,installed inside a container) which provides a secure or managed segmentfor business data on a personal mobile device. When a communication isinitiated from a subscriber mobile device 41 to a nonsubscriber mobiledevice 31, while more than one virtual number is assigned to the mobileApp, either the gateway, mobile App or the user of the mobile device hasto select a virtual number for transmitting the communication from thegateway 115 to the nonsubscriber 31. With such an embodiment, theselection can be made by determining the country of the nonsubscriber 31and selecting a virtual number that matches such country. For example,considering the phone number of a nonsubscriber device 31 anddetermining its country code and selecting a virtual number that has thesame country code. Similarly, the area code of the nonsubscriber mobiledevice 31 may be used to select a virtual number with an appropriatearea code. In some embodiments, the virtual number can be selected basedon region (for example closest) or price (for example least expensivecommunication) or the route (for example most reliable).

In some embodiments, previous communications with the nonsubscribermobile device 31 can indicate the appropriate virtual number. Forexample if the nonsubscriber mobile device 31 has previously called orsent a message on one virtual number, the system can select that virtualnumber for future communication between the subscriber 41 andnonsubscriber 31.

Although the selection can be done automatically by the gateway 115 orthe mobile application software 201, it can be overridden by the user ofthe mobile device. For example, the user of the mobile device canpreselect the virtual number that will be used for communication withthe nonsubscriber 31.

Archiving of Voice Conversations

According to one aspect of the invention, a conversation that includesvoice communications of multiple parties can be transcribed andarchived. Transcription is the process of putting a voice communicationinto a written format. In some embodiments, each party's voice isrecorded separately. The separate recording of the voice communicationcan include, audible, readable, visual or other type of tags. In someembodiments tags can signify the timeline for the communication. Theseparately recorded voice communications (with or without the timelinetags) can be transcribed. The timeline tags can be used to combine oneor more of the separate voice communication recordings to constitute theentire communication. For example, if a conversation includes voicecommunications between a user of a subscriber mobile phone 41 and a userof a non-subscriber mobile phone 31, the voice communication for thenon-subscriber mobile phone 31 can be recorded without the voicecommunication of the subscriber mobile phone 41. Similarly, the voicecommunication from the subscriber mobile phone 41 can be recordedwithout the voice communication of the non-subscriber mobile phone 31.While being recorded, each recording can be tagged for conversationtimeline. Each recording can be used to transcribe that caller'scommunication. In this manner, the voice communications between mobilephone 31 and mobile phone 41 are reformatted into a written format,which can be beneficial in preserving, searching, reviewing andproducing communication for electronic discovery. This process can beapplied to voice communication taking place between any number of phones31, 41 and/or EAS modules.

In some embodiments when a communication is initiated or received byeither (or both) subscriber mobile phone 41 and nonsubscriber mobile 31,a notification can alert the initiator or recipient about certainfeatures of the system, a disclaimer or legal rights. For example, whena text message is sent from a nonsubscriber phone 31 to a subscriberphone 41, the nonsubscriber may receive a message describing thearchiving feature of the system. In a similar example, when a subscriberphone 41 sends a message to the nonsubscriber phone 31, a disclaimer orsignature maybe added to the message (for example to the top or bottomof the message) stating that messages are being saved. In anotherexample, if a subscriber is making a voice call to the nonsubscriber,once the call is taken, a message will notify the nonsubscriber that theconversation is being recorded. In yet another similar example, if anonsubscriber makes a voice call to a subscriber, before the subscribertakes the call, the nonsubscriber will be notified that that theconversation is being recorded.

Use Cases

The following examples help to explain the use of the system and methodof the present invention.

The ABC agency deploys the secure mobile application 201 to its users(i.e., subscribers) then disables all other messaging applicationsincluding SMS. Each user is provided a virtual phone number 302. In somecases, the users may have one or more virtual numbers 302, for examplesince they are working in Canada or the UK. The users (i.e., employeesor agents of ABC company) use the various embodiments of the inventionto communicate with ABC company customers that are not using the securemobile application (see, e.g., FIG. 6). These customers dial thesubscribers' virtual numbers, which routes the call to the native cellnumber of the phones registered to the secure mobile application 201.

Long codes are used as virtual phone numbers for routing communications,such as SMS messages or voice, that take place between anon-subscriber's (e.g., a consumer's or customer's) phone and asubscriber (e.g., an employee). It is assumed that the non-subscriber isusing the standard SMS and voice capabilities that come with the mobilephone while the subscriber has an application such as a secure mobileapp or email (which are described in more detail below) on their phone.

Referring to FIGS. 1A and 4-6, one exemplary process may go as follows:

-   -   1. From the phone 31, a non-subscriber (e.g. consumer)        originates an SMS message (could be IPSMS) or phone call to a        virtual number that is assigned to the subscriber (e.g.,        employee);    -   2. The server 15, which includes an SMS gateway 115 or PBX, such        as Asterisk, receives the SMS message or call and recognizes        that the non-subscriber is trying to reach a subscriber that has        the secure mobile application 201 on their phone 41. This may be        done by searching a database to determine if the virtual number        is assigned to any the secure mobile application 201. The SMS        message or call is logged. The message can be logged both        locally and sent to a remote archiving system 306. Also, the        logging process can include queuing system to assure resiliency        since the remote archiving system 306 may not be accessible at        all times. Furthermore, a reporting system can be used to sync        the local storage with the remote system 306. In such cases, any        missing messages are sent to remote system from local storage or        the queue based on a user specified criteria;    -   3. The server 15 detects the non-subscriber's phone number by        detecting the originator of the SMS message or using the caller        ID;    -   4. The server 15 forwards the call to the secure mobile        application 201 showing the non-subscriber's phone number as the        originator (sender). It is possible that the non-subscriber's        call is received by the server 15 as unlisted or unknown or that        the server 15 or PBX in the server, is unable to detect the        non-subscriber's caller ID. In such cases, the secure mobile        application shows the originator of the call as unlisted or        unknown. When sending an SMS message from a computer, it is        possible that the SMS message is sent without the originator's        phone number. It is also possible to send an SMS message that        carries an ID such as text instead of the originator's phone        number. In either case, the secure mobile app will show the ID        received by the server 15 as the originator.

Still referring to FIGS. 1A and 4-6, another exemplary process may go asfollow:

-   -   1. A subscriber (e.g., an employee) originates an SMS message        (could be IPSMS) or a call to a non-subscriber (e.g. a customer        or consumer) using the secure mobile application 201 on the        mobile device 41.    -   2. The server 15, which includes an SMS gateway 115 or PBX, such        as Asterisk, receives the SMS message or call and recognizes        that the SMS message or call is intended for an external number        (i.e., a non-subscriber's number). An external number could be        any phone number that is not assigned to a secure mobile        application 201. The server 15 can search a database to        determine if the recipient of the message/call is another secure        mobile app 201 or is a non-subscriber's mobile phone 31. The        server 15 routes the SMS message or call to non-subscriber's 31        phone using the subscriber's virtual number as the originator.        The SMS message or call is logged.    -   3. The non-subscriber receives an SMS message or a call on his        or her mobile phone 31 showing the virtual number as the        originator. If the virtual number is assigned to a name in the        non-subscriber's contact list, the non-subscriber's phone 31 can        show the subscriber's name as the sender of the SMS message or        caller ID.

Referring to FIG. 2, in some embodiments, a message is sent to the emailserver 310 from an email application on the subscriber's mobile device41. The subject field, body of the email or email address for therecipient of the email can identify the phone number of anon-subscriber's mobile device 31 that is the recipient of the message.For example the recipient email address may be in the form of1234567890@domain.com where 1234567890 is the phone number for therecipient of the message. As another example, the subject field or bodyof the email can contain the phone number 1234567890. The email serverroutes the message to the communication gateway such as an gateway 115.The communication gateway 115 or the email server may record the messagefor reporting, compliancy and archiving and then the communicationgateway 15 use a long code to send the message to the second mobiledevice.

Still referring to FIG. 2, a message can be sent from thenon-subscriber's mobile device 31 to a long code. The long code routesthe message to a communication gateway such as the gateway 115. Thegateway 115 utilizes an email server 310 to email the message to thesubscriber's mobile device 41, which has an email client and is theintended recipient of the message. The subject filed, body or emailaddress for the sender of the email can represent the phone number forthe non-subscriber's mobile device 31. Furthermore, the subject field orbody of the email can represent the content of the message sent from thenon-subscriber's mobile device 31.

In some embodiments, one or more other servers can exist between thesubscriber mobile device 41, email server 310, communication gateway 115and non-subscriber mobile device 31.

Still referring to FIG. 2, the email client can be inside a container(discussed below) on the subscriber's mobile device 41. The long codecan be assigned to the subscriber's mobile device 41 with the emailclient. The user of the mobile device 41 can represent the long code ashis or her own mobile phone number, personal number, SMS number or otherrelated numbers. As shown in FIG. 3, the long code can be printed on abusiness card 320 as such numbers.

The email client can be a SecureSMS or SecureVoice Micro Client or othermobile app. In such embodiments, the app on the mobile device 41 cansend the message directly to the communication gateway without goingthrough any email server. Yet again in such embodiments the message maybe a voice or VoIP. In many embodiments there can be multiplecommunication gateways involved to route the message. In mostembodiments the communication gateway sends the message to a carrier.The carrier can use a mobile network to transmit the message between thecommunication gateway and mobile device. The sender and recipients canbe on different carriers. In such embodiments the carrier of the sendertransmits the message to the carrier of recipient.

In some embodiments the message can have attachments. In suchembodiments the attachment may be other messages or multimedia files.

Containerization for Mobile Devices

Containerization for mobile devices (such as Samsung Knox) allows amobile device to be shared for both personal use as well as corporateuse. Using this technology the personal applications and personal datafor the user of the phone may coexist with corporate applications anddata on the same mobile device. Hence a mobile device may be runningpersonal applications and personal data on the phone while the containercreates a secure and managed segment for corporate applications anddata. However, with containers the mobile device is still using the samephone number for communication. This means the user sends and receivesmessages or voice communication for both personal and corporate usingthe same number.

Although it is possible to have two or more SIM cards in a single mobilehandset, the cost of such is typically higher than having a single SIMin the device. A virtual number can be assigned to the container on thedevice. This allows a phone to have one number such as the originalnumber (assigned by the carrier to the SIM card) for the phone itself,and another number such as the virtual number for the container. Hencethe phone may recognize which communications are intended for theapplications inside the container. For example, a mobile device may havephone number A assigned to the phone by the carrier and virtual number Bassigned to the applications on the container. The phone may have oneset of applications installed on the phone and the same or another setof apps installed inside the container. Hence when receivingcommunication destined for number A, it is forwarded to apps on themobile device while communications destined for number B are forwardedto apps installed in the container. It is important to note that thesecure mobile app 201 can be installed both inside and outside thecontainer on the phone. It such cases, it is possible to assign one ormore virtual number to both sides which would lead to receiving messageson the phone itself, the secure mobile app outside the container as wellas the secure mobile app inside container.

Secure SMS and Mobile Voice Communication System

FIGS. 7 through 15 illustrate in more detail an exemplary system andmethods for managing SMS and mobile voice communications in an encryptedand secure manner, with which various embodiments and methods of theinvention can operate. Various environments of the system describedherein are illustrated for use with a short messaging service (SMS)protocol. However, other protocols, for example, a multimedia messagingservice (MMS) protocol, an Unstructured Supplementary Service Data(USSD) protocol, or other messaging protocol, and/or the like maysuitably be employed. Moreover, various embodiments described herein aresuitable for use when a messaging protocol is utilized for at least aportion of the communication. System 100 is, among other things, anexample of a network-based system configured for managing informationthat is transferred to, transferred from, and/or stored on a mobiledevice, which is accomplished in many embodiments while maintaining anacceptable level of data security. In the example of system 100, users21, 22, and 23 own, use, control, or have access to mobile phones 41,42, and 43 respectively, which are serviced through a network, forexample mobile phone network 40. Although one mobile phone network 40 isshown, some embodiments may include or use a number of mobile phonenetworks 40, which may be interconnected, for example. As used herein,unless specifically stated otherwise, a “mobile phone network” may be acellular network, a satellite network, a WiFi network, a WiMAX network,a wireless network, or any other suitable network for transmission ofinformation to mobile phones and/or other mobile devices. Moreover, amobile device may connect to a network in any suitable manner, forexample via a GSM modem, a CDMA modem, and the like. Additionally, amobile device may connect to multiple networks simultaneously, forexample to a GSM network of a first carrier via a GSM modem, and to aCDMA network of a second carrier via a CDMA modem. Further, the threeusers 21 to 23 and mobile phones 41 to 43 shown may serve as examples ofa larger number of users and mobile phones. Many users of system 100 mayhave access to the Internet 10. For example, in various embodiments,user 23 has access to the Internet 10 through personal computer 13.Further, in certain embodiment, mobile phone network 40 is incommunication with the Internet 10, or information is capable of beingcommunicated (e.g., in one or both directions) between mobile phonenetwork 40 and the Internet 10. In various embodiments, mobile phonenetwork 40 may be connected to one or more additional mobile phonenetworks 40 or other networks in any suitable manner, for example viathe Internet 10, via a public switched telephone network (PSTN), and/orthe like.

Moreover, system 100 may be a public system (e.g., a system wherein anynumber of users may utilize system resources) or a private/closed system(e.g. a limited-access system with a “circle of trust” such that a usermust be authorized to utilize particular system resources and/or sendand receive communications with other members of the circle of trust).In various embodiments, system 100 may be configured to allowcommunication only between users (for example, users 21, 22, and 23) whoare members of a particular trusted group. In this manner, system 100may be particularly suitable for businesses, military, law enforcement,governments, and the like, who wish to exchange highly sensitive andconfidential information via system 100. For example, system 100 may beconfigured to enable communication only between members of a pre-definedtrusted group, such as FBI agents, ATF agents, Army personnel, and thelike.

In the embodiment illustrated, server 15 is in communication with theInternet 10. However, server 15 may be in communication with a wirelesscarrier, a private network, a mobile phone, another server, and/or thelike, via a wireless network or other means such that server 15 does notneed to be in communication with the Internet 10. In this embodiment,server 15 is part of system 100, which provides an example of a systemof managing personal information for a plurality of users (e.g., 21 to23), each user having a mobile phone (e.g., 41 to 43) operating on amobile phone network (e.g., 40). In this example, system 100 includes,on server 15, (at least one) first software module 61. Although shownjust on server 15, in some embodiments, module 61 may be installed on oroperating on more than one server. In certain embodiments, softwaremodule 61 may form at least one website 65. In this embodiment, at leasta plurality of users (e.g., 21 to 23) may access or visit website 65through the Internet 10 and elect to have their personal informationmanaged through system 100 using their mobile phones (e.g., 41 to 43).For example, user 23 may access website 65 through computer 13 andinternet 10. In different embodiments, computer 13 may be a desk toppersonal computer, a lap top or notebook computer, a PDA, etc. In someembodiments, users may access website 65 on server 15 through theirphones (e.g., 41 to 43), through mobile phone network 40, or both.

In various embodiments, server 15 is part of system 100, and server 15is configured as a trusted gateway configured to manage encryptedmessages. Server 15 may provide any desired functionality to system 100,for example managing client software installed on one or more mobiledevices, updating client software installed on one or more mobiledevices, issuing commands to client software, tracking messages sent andreceived by client software, and the like. Server 15 may also manageencryption keys for client software, generate new encryption keys,communicate with a hardware security module (for example, a modulelocated on another server 15 coupled to the instant server 15), andprovide resiliency to increase the reliability of message delivery.

System 100 further comprises, on server 15, (at least one) firstsoftware module 61. Although shown just on server 15, in someembodiments, module 61 may be installed on or operating on more than oneserver. For example, server 15 may include multiple servers, such as oneor more of a firewall server, a database server, an gateway server, aweb server, a domain server, or any other server. In certainembodiments, software module 61 may form at least one website 65. Incertain embodiments, multiple users (e.g., 21 to 23) may access or visitwebsite 65 (for example, through the Internet 10) and elect to send,receive, forward, reply, view, sort, and generate reports, includingcompliancy reports, through system 100 using their mobile devices orother communications devices. Moreover, one or more users may access orvisit website 65 via any suitable protocol, for example WAP, https, andthe like.

In some embodiments, first software module 61 provides secure storage 64for each user's (e.g., 21 to 23) personal information, for example,received from the user. In a number of embodiments, storage 64 may alsobe used to store personal information about the users that has beenreceived by module 61 or server 15 from at least one third party, whichmay be acting on behalf of the user to provide information to the user,for example. In the embodiment illustrated, third party 33 may providesuch information to module 61 through the Internet 10, and third party31 may provide such information to module 61 through mobile telephonenetwork 40 and the Internet 10. In some embodiments, information that iscommunicated through mobile telephone network 40 may also, or instead,be communicated through a traditional phone network, for example, thatprovides direct wired phone service for a number of users.

In many embodiments, first software module 61 or module 201 (describedbelow) provide secure storage 64 for each user's (e.g., 21 to 23)personal information, for example, information received from the user,contents of sent and received SMS messages, and the like. In a number ofembodiments, storage 64 may also be used to store personal informationabout the users that has been received by module 61, module 501, orserver 15 from at least one third party, which may be acting on behalfof the user to provide information to the user. In certain embodiments,third party 33 may provide such information to module 61 or module 201through the Internet 10, and third party 31 may provide such informationto module 61 or module 201 through mobile telephone network 40 and theInternet 10. In some embodiments, information that is communicatedthrough mobile telephone network 40 may also, or instead, becommunicated through a traditional phone network, for example, thatprovides direct wired phone service for a number of users. Moreover,third parties 31, 32, and 33 can choose to deploy gateway 115 at theirrespective data center behind their firewall. This provides each thirdparty with another layer of security. Each third party can manage allaccess to server 15 according to their internal security policy. Allcommunication between gateway 115 and mobile phone network 40 (e.g.,carriers) can be direct.

Module 201 may be self-updating (e.g., when a new software update isavailable, gateway 115 may send a message to module 201 informing module201 of the available update). The user's (or third party's) phone isinformed of the update (e.g., via a SMS or MMS message (e.g., formattedwith a command)) and asked for permission to update module 201. Forexample, the message (e.g., formatted with a command) queries the useras to whether the user would like to receive the update. If the useraccepts to receive the update, then module 201 terminates itself, startsa browser to access server 15 or gateway 115, and downloads the latestversion of module 201 from server 15 or gateway 115. Thus, oncepermission is given to update module 201, the new version of module 201is downloaded to the user's (or third party's) phone and installed overthe old version of module 201. A message confirming installation ofmodule 201 may be sent to gateway 115. Moreover, module 201 may beconfigured to communicate with and/or utilize multiple gateways 115.

In various embodiments, customized versions of module 201 may beprovided in order to make module 201 operative and/or available for useon varying hardware, for example various mobile phones and/or computingplatforms (e.g., Google Android. Java 2 Mobile Edition, Windows Mobile,Linux. Microsoft Windows, Mac OS, Unix, and the like). Moreover, accessto module 201 may be controlled via a password, a biometric, and thelike. Additionally, module 201 may contain and/or be associated withinformation configured to identify a third party (e.g., a reseller, areferrer, a corporation, and the like), in order to provide customizedservices and/or tracking. For example, a reseller may receive acommission based on the number of secure SMS messages transmitted bymodule(s) 201 associated with the reseller.

Registration with the Gateway/Server

Moreover, module 201 may be configured to utilize registration with agateway, for example gateway 115. In various embodiments, registrationmay comprise a user taking affirmative steps, for example inputting asecure identification provided by a gateway administrator; inputting ashort code, a long code, or a phone number (for example, a numberassociated with a cellular modem) to facilitate routing of one or moremessages. Furthermore, registration may comprise exchanging encryptionkeys between a mobile device and a gateway. For example, a server publickey may be utilized to securely send the encryption key of module 201 toa mobile device.

In certain embodiments, module 201 is registered on gateway 115 in orderto facilitate communications between module 201 and gateway 115. Forexample, registration may be accomplished through use of a defaultserver public key, a unique module 201 public key, a short code, and aunique secure identification code. In this manner, a module 201 may knowhow to contact gateway 115 in order to register. Module 201 encrypts theunique secure identification code and the newly generated module 201public key with the default server public key and sends the result in anSMS message to the short code. Gateway 115 decrypts the SMS messageusing a default server private key. Gateway 115 verifies the uniquesecure identification code and the phone number associated with module201. If the result is not verified, an error message is returned tomodule 201. If the result is verified, gateway 115 transmits a newserver public key to module 201.

Gateway 115 then creates a unique AES key and sends this key, togetherwith registration information, to module 201 via a registration messageencrypted with the module 201 public key. Module 201 decrypts theregistration message using module 201 private key. Module 201 thentransmits a registration acknowledgement message, encrypted with aunique AES key associated with module 201, to gateway 115. Upon receiptof the registration acknowledgement message at gateway 115, module 201is registered with gateway 115.

In some embodiments as illustrated in FIGS. 7 through 15, system 100 canmanage mobile voice communications in an encrypted and secure manner.Some of the problems and vulnerabilities of mobile voice communicationshave been described. A network manager 1673 can be configured as a partof a fourth software module 1672 in FIG. 15, module 201 in FIG. 1, orsecond software module 72 or 77 (or separate from modules 1672, 72,and/or 77). Network manager 1673 acts as a module to measure networkconditions on both sides (transmit/receive) of a call through mobilephone network 40. Network conditions can include latency, throughput,and bandwidth of mobile phone network 40. The data thereby collected bynetwork manager 1673 is used to make informed decisions about choosing amore suitable codec for handling the call on mobile phone network 40. Insome embodiments, fourth software module 1672 can be configured as oneor more of a secure messaging module 201, second software module 72, asecure voice module, secure audio module, secure video module, securevideo streaming module, secure video conferencing module, and securemultimedia module.

Referring now to FIGS. 7, 14 and 15, a system 100 for managing mobilevoice communications in an encrypted and secure manner includes thesecond software module 72, the secure messaging software module 201, afourth software module 1672, a network manager 1673, and a SIP module1680. PBX 1690 is Private Branch Exchange, which is a PSTN telephonenetwork (usually used within a private enterprise). The Internet 10 andmobile phone network 40 can be combined as Internet and/or a mobilephone network 40 (see FIG. 7). Fourth software module 1672 can be a partof secure messaging module 201 or second software module 72 in FIG. 7 orbe separate from module 201 or second software module 72. Server 15,gateway 15, or the administrator of the server/gateway 15 can send orcommunicate a secure identification code or Secure ID to the user viafourth software module 1672, module 201, or second software module 72.The secure identification code can be communicated via SMS, MMS, and/ordata, or via a communication channel other than SMS, MMS, and/or data.

Fourth software module 1672 (configured as an application on mobilephone 43), module 201 (configured as an application on mobile phone 43),or second software module 72 (configured as an application on mobilephone 43) can send a request to server 15 indicating an interest or arequest to register with server 15 (step 1603). In some embodiments, therequest may or may not be encrypted. In some embodiments, the encryptionof the request may or may not use a unique encryption key. In someembodiments, the encryption of the request may or may not use apre-established key, which may be a symmetric key or an asymmetric key.Server 15 sends a certificate signed by a trusted authority to fourthsoftware module 1672, module 201, or second software module 72 (step1605). In some embodiments, the certificate may be encrypted using theunique encryption key. In some embodiments, the encryption of thecertificate may use a pre-established key, which may be a symmetric keyor an asymmetric key.

Fourth software module 1672, module 201, or second software module 72verifies that the certificate from server 15 is genuine using a publicroot CA (Certificate Authority) (step 1607). If the certificate is notgenuine, then the registration process is aborted and in someembodiments the incident is reported, logged, or alerted to the userand/or administrator of server 15. If the certificate from server 15 isgenuine, then the fourth software module 1672, module 201, or secondsoftware module 72 sends its own certificate (e.g., the certificate fromthe application on mobile phone 41) to server 15 (step 1609). Thecertificate from fourth software module 1672, module 201, or secondsoftware module 72 can be encrypted with the certificate from server 15before the certificate from fourth software module 1672, module 201, orsecond software module 72 is sent to server 15. In some embodiments,fourth software module 1672, module 201, or second software module 72may also send the secure identification code or Secure ID from server 15(if available) in an encrypted manner with the certificate from theserver 15 to server 15.

In some embodiments, fourth software module 1672, module 201, or secondsoftware module 72 may also send additional information such as one ormore of mobile device information (e.g., from mobile phone 41), anapplication version, an encryption version, a list of installedapplications, and an Operating System version in an encrypted mannerusing the certificate from the server 15 to server 15. The server 15sends a confirmation of the registration including a key to fourthsoftware module 1672, module 201, or second software module 72 (theconfirmation can be encrypted with the certificate from the fourthsoftware module 1672, module 201, or second software module 72) (step1611)

In some embodiments, server 15 may also send policies to instruct thefourth software module 1672, module 201, or second software module 72 tochange its configuration (which also can be in an encrypted manner usingthe certificate from fourth software module 1672, module 201, or secondsoftware module 72). In some embodiments, the fourth software module1672, module 201, or second software module 72 confirms that theconfirmation from server 15 is received and processed correctly. In someembodiments, the confirmation can be encrypted with the key receivedfrom server 15 (step 1613). In some embodiments, all or some of thesteps are sent via SMS. In other embodiments, some or all of the stepsare via a data channel of the mobile phone network 40. In otherembodiments, all or some of the steps are sent via SMS/MMS.

Encryption

A number of embodiments of systems and methods of the present inventionuse encryption to address the problems associated with existingencryption models and limitations of throughput in mobile voicecommunications over a mobile phone network. Although some of thestandard features of the mobile device, such as the address book, allowfor sharing of information between voice calls and the SMS editor on themobile phone 41, the challenges induced by the differences have resultedin keeping the secure SMS module 201 and the secure voice module (fourthsoftware module 1672, module 201, or second software module 72) asseparate applications on the mobile device. For example, the differencesbetween the encryption techniques of the data channel and the controlchannel has resulted in keeping the secure SMS module 201 and the securevoice module (fourth software module 1672, module 201, or secondsoftware module 72) as separate applications on the mobile device. Oneof the important characteristics of traffic channel is support ofInternet Protocol (IP) which is not available or feasible on controlchannel. Hence in this invention when discussing characteristics of thetraffic channel, one can assume any channel capable of supporting IP.Some channels may be any part of the mobile phone network or theInternet.

Some embodiments and methods of the invention establish a secure voicecommunication based on a unique encryption key that is establishedbetween a first software module of the server and fourth software module1672, module 201, or second software module 72 of the mobile device. Thesecure SMS registration process for establishing such a uniqueencryption key using SMS/MMS, data, or a combination thereof can includeusing one or more or any combination of AES (Advanced EncryptionStandard), Blowfish encryption, ECC (Elliptic Curve Cryptography), RSAencryption, or any other suitable encryption. Furthermore, the inventionuses a dynamic codec switcher to accommodate network changes on themobile phone network for a variety of parameters such as latency, droprate, and bandwidth on the mobile phone network. Furthermore, theinvention allows for in-call switching of codecs (codec hot-swap) anduses a network manager. The network manager can be configured as a partof a fourth software module 1672, module 201, or a second softwaremodule 72 (or separate from them) and acts as a module to measurenetwork conditions on both sides (transmit/receive) of a call throughthe mobile phone network. The network manager can also switchcommunications from a mobile phone network to the Internet, a WiFinetwork, or a local network (and vice-versa). Network conditions caninclude latency, throughput, and bandwidth of the mobile phone network.The data thereby collected by the network manager is used to makeinformed decisions about choosing a more suitable codec for handling thecall on the mobile phone network.

Mobile communication takes place over traffic and control channels of amobile phone network 40. While the traffic channel is basically used forcarrying signals such as voice calls, data, and multimedia, the controlchannel is used for SMS (short messaging service) amongst otheroperating signals. Other operating signals can include synchronizationsignals, paging signals, and access signals. One of the common protocolsfor transmission of voice communication over Internet Protocol (IP) isVoice over IP (VoIP). VoIP is commonly used for end-to-end encryption ofvoice communication. VoIP takes place over the traffic channel as ituses data signals for the transmission. Similar to voice calls, one mainassumption for VoIP communication is that both sides of thecommunication are online in real time and available simultaneously forthe communication. Contrary to voice calls and VoIP. SMS is astore-and-forward technique, which does not require an end-to-endconnection to be available simultaneously. Furthermore, SMS is optimizedfor transmission of short messages (as compared to longer messages usedfor voice, multimedia, or other). Traditionally, when securing VoIPcommunication, the encryption techniques that are used for encryptingVoIP rely on characteristics of the data channel and therefore vary intechniques used for encryption of SMS (which relies on characteristicsof the control channel).

Embodiments and methods of the present invention can take advantage ofsome of the characteristics of the control channel to enhance encryptionof VoIP communication. Furthermore, they can take advantage of combininga secure SMS module 201 with a secure voice module 1672, secure audiomodule, secure video module, secure video streaming module, secure videoconferencing module, and secure multimedia module as well as secure IP(Internet Protocol) SMS which sends SMS over the traffic channel. IPSMSis a way of emulating SMS messages via data. SMS uses a control channel.Data uses a traffic channel. The characteristics of the two channels aresomewhat different. It is possible to send short messages on a datachannel to emulate SMS but not all characteristic of SMS on a controlchannel will be available on IPSMS.

A number of embodiments and methods use encryption to address theproblems associated with the vulnerability of using SSL/TLS in mobilevoice communications. They can use a control channel of a mobile phonenetwork (e.g., for transmitting/receiving SMS/MMS messages), wherepossible, and can perform a security handshake such as using a secureSMS module 201 or API. The control channel of a mobile phone network canbe used with a registration process, which provides additionalreliability and a higher level of security for voice communication. Suchmethodology utilizes a secondary communication method or channel (e.g.,using both the control channel and the traffic channel), which is moredifficult to exploit by attackers. Furthermore, when SMS/MMS is used,the phone number of the sender (or user) can be verified and a whitelistprocess can establish the list of mobile devices authorized forregistration. Whitelist is defined herein and can also include a processto determine which types of information or data are permitted to betransmitted or received through the mobile phone network. Furthermore,when SMS is used, then the control channel of the mobile phone networkis used (which is more resilient and uses less bandwidth). Usingwhitelisting in the control channel is more secure than using the datachannel.

Amongst other things, the registration process (that takes place overthe control channel using SMS) authenticates the user of the mobiledevice (non-repudiation), the mobile device itself, and the server(gateway). Authentication of the mobile device is one of the importantcharacteristics of registration through the control channel that is notavailable in the traffic channel. An authenticated mobile device acts aswhat-you-have, which enhances the security of what-you-know.Traditionally what-you-have has been established via security donglethat are provided to each individual user, which is costly compared tothe mobile device (which is already owned by the user).

Additionally, via the registration process, a secure communicationconnection is established between the mobile device and the server and aunique encryption key is established between the mobile device and theserver. The unique encryption key can be renewed based on policy decidedby the administrator of the system.

Once the registration process is established over the control channel,all other modules operating on the traffic channel can utilize theunique encryption key that has been established for communication(transmission and receipt of information). Other benefits of combiningthe secure SMS module 201 with other modules is the sharing of one ormore secure address books between all modules, having a single sign-onprocess, having common configuration, sharing of the storage area,enhanced user experience, enhanced overall efficiency of combiningsecure SMS communication with secure voice communication, and more.

By combining the secure SMS and secure voice modules, the secure SMSmodule can also benefit from characteristics of the traffic channelincluding send and receiving information such as IPSMS, policyinformation, group information over IP. In this invention, secure SMSand secure voice can sync the phones stored in the secure address bookwith the server and identify the phones in the secure address book thathave similar software and are capable of secure communication.

In some embodiments, the unique encryption key of the registrationprocess is used in conjunction with SSL/TLS and the SIP (SessionInitiation Protocol) packets are encrypted and decrypted at the serverand mobile device. In other embodiments, the unique encryption key orthe registration process is used in conjunction with SRTP (SecureReal-time Transport Protocol) and packets are encrypted and decrypted atthe server and mobile device.

An SIP packet containing the unique encryption key is encrypted atserver 15 before being transferred through a TLS/SSL channel via mobilephone network 40 to mobile phone 41. Secure communication such as by SMSis used to more reliably authenticate mobile phone 41. Utilizing securecommunication such as SMS, server 15 is capable of verifying the phonenumber of mobile phone 41. Furthermore, the secure communication (e.g.,SMS message) is encrypted to prevent eavesdropping and furtherstrengthen the security of the communication between server 15 andmobile phone 41. In an alternate embodiment, an MMS message can be used.

Some embodiments and methods of the invention use encryption, a uniqueencryption key, configuration of mobile devices, and dynamic commanddelivery by encrypted mobile communications (e.g., SMS/MMS message).This is done to address the problems associated with the vulnerabilityof using mobile voice communications. As illustrated in FIGS. 7 through15, an encryption key or keys can be used and configurations and otherinformation can be communicated through an encrypted method. The key orkeys can also dynamically be changed through an encrypted method.Commands to perform tasks can additionally be delivered to a mobiledevice (such as a handset) or an application through an encryptedmethod.

In the past, mobile applications that primarily have used data forcommunication relied on pull technology to determine if the serverintends to send information to the mobile application. In another words,the mobile application contacts the server periodically to determine ifthe server has some information than need to be sent to the mobiledevice. This process is not considered very efficient, as it excessivelyuses the resources of the mobile device. To this extent, some mobileOperating System manufacturers introduced the concept of pushnotification, by which the mobile application is notified when it needsto contact the server. On the other hand, mobile applications thatutilize an SMS or MMS channel, rely on push technology where the messageis pushed from server to the mobile application.

Since push notification is not reliable or for the purpose ofredundancy, it is possible to send an SMS or MMS message, eitherencrypted or plain text, to a mobile application running on the mobiledevice to instruct the application to contact the server. This techniquecould be used along with push notification or just by itself. Securevoice mobile applications primarily utilize a data channel and are inconstant communication with the server to know if there is a taskwaiting for them. For example, to learn if there is a phone call waitingfor connection to the mobile device. If secure voice communications alsoutilize SMS or MMS, disclosed herein, the server can send a message tothe mobile phone when there is a phone call waiting to connect, and theSMS can wake up the mobile application and instruct it to contact theserver. Thus, with some embodiments and methods of the invention,commands to perform tasks can be delivered to handset or applicationthrough an encrypted method such as Secure SMS; including but notlimited to the ability to stop activity on the data channel andapplication, or “put it to sleep” to preserve battery and deviceresources, as well as “wake up” a data connection via SMS, PushNotification, or another method.

Some embodiments and methods of the invention use an encrypted addressbook scan and encrypted mobile communications (e.g., SMS/MMS message) toaddress the problems associated with the vulnerability of using mobilevoice communications. Depending on the server settings, the user'saddress book on the user's mobile device can be scanned and the servercan find others who have such secure communication software module orapplication on their mobile devices, if such others users have chosen tobe listed. This makes it convenient for the user to setup secure callswith other users using their mobile devices and encrypted mobile voicecommunications. Users can also share a secure contact list betweenapplications on the mobile device and the server and/or amongapplications on the mobile device. Users can also share unique login,setup, configuration, and other similar features using mobile voicecommunications that are secure. All the information between users istransferred in an encrypted way (e.g., voice (talking on the mobiledevice), text (SMS/MMS messages), data, or any other).

Once the registration process is established over the control channel,all other modules operating on the traffic channel can utilize theunique encryption key that has been established for communication(transmission and receipt of information). Other benefits of combiningthe secure SMS module 201 with other modules is the sharing of one ormore secure address books between all modules, having a single sign-onprocess, having common configuration, sharing of the storage area,enhanced user experience, enhanced overall efficiency of combiningsecure SMS communication with secure voice communication, and more.

By combining the secure SMS and secure voice modules, the secure SMSmodule can also benefit from characteristics of the traffic channelincluding send and receiving information such as IPSMS, policyinformation, and group information over IP. Secure SMS and secure voicecan sync the phones stored in the secure address book with the serverand identify the phones in the secure address book that have similarsoftware and are capable of secure communication.

In some embodiments, the unique encryption key of the registrationprocess is used in conjunction with SSL/TLS and the SIP packet areencrypted and decrypted at the server and mobile device. In otherembodiments, the unique encryption key or the registration process isused in conjunction with SRTP (Secure Real-time Transport Protocol) andpackets are encrypted and decrypted at the server and mobile device.

An SIP packet containing the unique encryption key can be encrypted atserver 15 before being transferred through a TLS/SSL channel via mobilephone network 40 to mobile phone 41. Secure communication such as by SMSis used to more reliably authenticate mobile phone 41. Utilizing securecommunication such as SMS, server 15 is capable of verifying the phonenumber of mobile phone 41. Furthermore, the secure communication (e.g.,SMS message) is encrypted to prevent eavesdropping and furtherstrengthen the security of the communication between server 15 andmobile phone 41. In an alternate embodiment, an MMS message can be used.

FIGS. 14 and 15 illustrate one example method of managing mobile voicecommunications in an encrypted and secure manner according to thepresent invention. As shown in FIGS. 14 and 15, the server/gatewayIS/administer sends/communicates the secure identification code/SecureID to user (act 1601). Fourth software module 1672 (or 72 or 201) thensends a request to server/gateway 15/administer with interest/request toregister with server/gateway IS/administer (act 1603). Theserver/gateway IS/administer sends a certificate signed by a trustedauthority to fourth software module 1672 (or 72 or 201) (act 1605).Fourth software module 1672 (or 72 or 201) then verifies the certificatefrom server/gateway 15/administer as genuine using a public root CA(Certificate Authority) (act 1607). If the certificate is not genuine,then the registration process is aborted; otherwise, if certificategenuine, then fourth software module 1672 (or 72 or 201) sends its owncertificate to server/gateway IS/administer (act 1609). Server/gateway15/administer sends confirmation of registration with a key to fourthsoftware module 1672 (or 72 or 201) (can encrypt with certificate) (act1611). Fourth software module 1672 (or 72 or 201) then sendsconfirmation which can be encrypted with the key received fromserver/gateway IS/administer (1613).

Secure Messaging Communication

Some embodiments of a system according to the invention are configuredfor managing (i.e., creating, editing, viewing, compressing,decompressing, disassembling, reassembling, queuing, routing,encrypting, decrypting, sending, receiving, replying, forwarding,storing, and/or the like) communications (for example, short messagingservice (SMS) messages, multimedia messaging service (MMS) messages, andother information transmission, and/or the like) in a secure manner(e.g., in an encrypted or otherwise secured manner). In one exemplaryembodiment, a secure short messaging service (SMS) system comprises asoftware module configured for use on a device, such as a mobile device.The software module is configured to encrypt an SMS or MMS message via afirst encryption. A gateway is configured to communicate with the mobiledevice. The gateway is configured to receive the encrypted SMS messagefrom the mobile device.

In yet another embodiment, a method of deleting information on a mobiledevice, comprises transmitting, to a mobile device, a secure messagecomprising a wipe instruction. At the mobile device, at least one itemof information is deleted responsive to the wipe instruction.

Referring to FIG. 12, a registration process is put in place toauthenticate the user, mobile phone 41, and server 15, and to create asecure communication between mobile phone 41 and server 15.

In addition, module 201 may be configured to support methods fordetermining unauthorized access to module 201 (i.e., intrusiondetection, and the like). For example, if the correct password to gainaccess to module 201 is not provided for three (3) consecutive times (orany desired value chosen by a user or a gateway administrator), datastored by module 201 and/or module 201 itself may be deleted.

Additionally, a module 201 on a mobile device may be registered withmultiple gateways 115 simultaneously. For example, a module 201 may beregistered with a first gateway 115 associated with a GSM network of afirst carrier, and communications between module 201 and the firstgateway 115 may be transmitted via a GSM modem. The same module 201 mayalso be registered with a second gateway 115 associated with a CDMAnetwork of a second carrier, and communications between module 201 andthe second gateway 115 may be transmitted via a CDMA modem. Module 201may be registered with any suitable number of gateways 115 in order tofacilitate communications with various intended message recipients.Similarly, a gateway 115 may be configured to communicate with a firstgroup of modules 201 associated with a first carrier via a first GSMmodem, configured to communicate with a second group of modules 201associated with a second carrier via a second GSM modem, configured tocommunicate with a third group of modules 201 via a dedicated shortcode, and so on. In this manner, gateway 115 may communicate withmultiple modules 201 via a cellular modem and/or other communicationsdevice appropriate for each particular module 201 (e.g., based onparticular mobile phone hardware, for example).

In certain embodiments, gateway 115 can be configured to allow amessage, such as an SMS or IPSMS message, from a module 201 to bedelivered only to other modules 201 who are in a common circle of trustwith the message sender. Stated another way, in various embodiments, amodule 201 may only be permitted to communicate with other members of apredefined group. For example, a module 201 utilized by a sensitivegovernment agency may be permitted to communicate only with othermembers of the same agency. Moreover, gateway 115 may also be configuredto allow an SMS message from a module 201 to be delivered only to othermodules 201 who are in a common circle of trust with each other, but notwith the message sender. In this manner, gateway 115 may be furthersecured, as unintended and/or undesired communications outside aparticular circle of trust or other group may be reduced and/oreliminated. Further, gateway 115 may be configured to allow an SMSmessage from a module 201 to be delivered to any other module 201.Moreover, gateway 115 may be configured to contact another gateway 115for information regarding a module 201 registered with the other gateway115. Gateway 115 may also be configured to route at least one message ofmodule 201 to another gateway 115.

In various embodiments, gateway 115 may be configured with a “whitelist”comprising a list of approved modules 201 and/or mobile devices whichmay be authorized to be registered with gateway 115. For example, a user21 may desire to enroll in mobile banking services offered by thirdparty 31. User 21 communicates the desire to third party 31, whoapproves the request. The module 201 associated with user 21 may then beadded to a whitelist on gateway 115 associated with third party 31. User21 may then register their module 201 with gateway 115. In this manner,a pre-approved, trusted set of modules 201 may be defined and/orregistered such that communications between members of the whitelistand/or one or more third parties may be facilitated. Moreover, eachmodule 201 and/or mobile device in a whitelist may be configured with aunique identification code. The unique verification code may be validfor a limited period of time, for example six hours. In this manner,security may be improved, as a module 201 may be required to both be amember of a whitelist and provide a unique identification code in orderto register with gateway 115 and/or to communicate with other modules201 via gateway 115.

In certain embodiments, third party 32 also provides information tomodule 61 or module 201 on server 15 through a communication means otherthan the Internet 10. Such a communication means may be, for example, aprivate network, a local area network (LAN), a wide area network (WAN),a telephone network, a financial or bank card network, etc. Thirdparties 31, 32, and 33 are examples of data providers, or personal dataproviders. Third parties 31 to 33 may be, for example, lotteryorganizers or operators (e.g., a government agency, a state, or agambling organization), brokers for lottery organizers (e.g., resellers,convenience stores, or server 15), distributors for lottery organizers(e.g., resellers, convenience stores, or server 15), financialinstitutions, airlines, bank card providers, merchants, an employer oremployee of the user, news providers, health care providers, insurancecompanies, stock brokers, governmental agencies, non-governmentalorganizations, etc., or any of these that may be functional on-line.

Module 201, server 15, and/or gateway 115 or other components utilizingencryption may utilize any suitable encryption techniques and/orsecurity models to encrypt, decrypt, compress, decompress, or otherwisemanipulate and/or process information, for example symmetric key,asymmetric key, AES, block cipher, and the like. Moreover, module 201,server 15, gateway 115, and/or other components may update, revise,expand, replace or otherwise modify the security model and/or encryptiontechnique utilized, as desired.

Module 201 can be configured to store a set number of messages on server15, gateway 115, or the user's phone. Module 201 can be configured tostore the latest specified number of messages (set by the user, server15, or gateway 115). Older messages may be deleted to make room for newmessages (although permanent means of storage can also be used). Userscan mark messages that should be exempt from this deletion process. Suchmarked messages may be stored until manually deleted by the user, server15, or gateway 115.

In certain embodiments, users 21, 22, and 23 may communicate with eachother through SMS messages or other messages in a secure manner. Forexample, module 201 or a second software module 72 (described below) onthe mobile phone of user 21 may send an SMS message intended fordelivery to a mobile phone of user 22. Module 201 is accessed andinstalled onto the user's mobile phone much like module 61 or module 72are accessed and installed onto the user's mobile phone. In manyembodiments, a text message, large text file, or other informationdesired to be transmitted may need to be in a particular format in orderto be able to transmit it using one or more SMS messages (e.g., due tothe limitation of the number of characters that can be transmitted in anSMS message). In one example, numerous text messages are sent fromserver 15 (or phone 41 of user 21) to phone 42 of user 22, the textmessages are compiled at phone 42 of user 22, and user 22 reviews onelarge text file (or text message) on phone 42. In this example, thetransmission of one text message or multiple text messages is seamlessto user 22 (e.g., user 22 receives one large text file or text message(instead of multiple text messages)). This format can be useful insending information using text messages without the limitation of thenumber of characters typically found in text messaging. Stated anotherway, when the size of a particular piece of desired information exceedsa message size threshold, multiple messages may be utilized to conveysuch desired information to and/or from a mobile device.

With reference now to FIGS. 9-11 and in various embodiments,communications between one or more users 21/22/23 and/or third parties31/32/33 can be routed through a trusted gateway 115. In this manner,system security may be improved. Gateway 115 communicates with one ormore third parties 31/32/33 and/or users 21/22/23 (for example, viamobile phones 41/42/43) to send, receive, and store short messagingservice (SMS) messages and multimedia messaging service (MMS) messagesin a secure manner. Gateway 115 may also communicate with users 21/22/23in a conventional (unsecured) manner, if desired. Moreover, users21/22/23 and/or phones 41/42/43 may download software (e.g., secure SMSmodule 201) from a server 15. Gateway 115 may be notified of suchinstallation and be configured to communicate with module 201accordingly.

In an embodiment, gateway 115 may be configured as Software as a Service(SaaS). Gateway 115 may be accessed by third parties authorized toutilize the SaaS via a secure network connection, such as HTTPS.Performance of gateway 115 may be scaled, for example through use ofload-balanced server farms. Moreover, gateway 115 may be connected towireless carrier networks via multiple redundant connections. In thismanner, gateway 115 may be configured to support a scalable number ofusers.

In another embodiment, gateway 115 may be configured as an on-siteenterprise server. Gateway 115 may thus be accessed by an organization'sinternal resources, for example via a dedicated short code hosted withany supported aggregator or carrier. Moreover, gateway 115 may beconfigured to support a limited-access “circle of trust” allowingcommunication only between certain authorized users. Gateway 115 mayalso be configured with a customizable encryption scheme, messagestorage and/or archiving functionality and other features as desired bya particular organization deploying gateway 115 on-site.

In another embodiment, gateway 115 may be configured as a wirelesscarrier managed service. Gateway 115 may thus be partially or fullyintegrated into a wireless carrier's gateway, for example a wirelesscarrier's short messaging service center (SMSC). Alternatively, gateway115 may operate as a stand-alone system. For example, gateway 115 maycommunicate with a SMSC of a first wireless carrier and with a SMSC of asecond wireless carrier. Moreover, a gateway 115 may be associated withand/or coupled to any number of SMSCs. Similarly, one SMSC mayassociated with and/or coupled to any number of gateways 115. In thismanner, gateway 115 may be configured to support a scalable number ofusers in a wireless carrier environment, and gateway 115 may facilitatesecure delivery of messages across various networks.

With reference now to FIG. 12 and in various embodiments, one or more ofthird parties 31, 32, and 33 can create an account associated withgateway 115 (step 602). Third parties 31, 32, and 33 notify users 21,22, and 23 to download module 201 onto phones 41, 42, and 43 (step 604).Alternately, third parties 31, 32, and 33 can send module 201 to users21, 22, and 23 through a MMS (Multimedia Messaging Service) or WAP(Wireless Application Protocol) push (step 606). The user downloads themodule 201 (step 608). One or more APIs (Application ProgrammingInterfaces) and https (Hypertext Transfer Protocol over Secure SocketLayer) or http (Hypertext Transfer Protocol) can be used between server15 or gateway 115 and third parties 31, 32, and 33 or users 21, 22, and23. Moreover, server 15, gateway 115, third parties 31, 32, and 33,and/or users 21, 22, and 23 may communicate via any suitable protocol,method, or means. Accordingly, the methods of the present disclosure aresuitable for use on Global System for Mobile Communications (GSM)networks, code division multiple access (CDMA) networks, time divisionmultiple access (TDMA) networks, frequency division multiple access(FDMA) networks, transmission control protocol/internet protocol(TCP/IP) networks, satellite communications networks, and/or the like,and/or any combination of the same.

A secure SMS API is used by third parties 31-33 to send a SMS or MMSmessage to gateway 115 or server 15 (step 610). A secure SMS API mayutilize HTTPS, Web Services, Java API, and/or any other suitableprotocols. A determination is made as to whether the user has module 201loaded on their phone 41, 42, or 43 (step 612). If the user has module201 loaded on its phone, then the user receives a secure SMS or MMSmessage on their phone in module 201 (step 614). An acknowledgementmessage may be sent back to the sender of the message (e.g., user 21,22, or 23 or third party 31, 32, or 33) (step 616). Once the receivinguser opens the message it received (step 618), another acknowledgementmessage may be sent to the sender via server 15 or gateway 115confirming that the user opened the message (step 620). If the user doesnot have module 201 loaded on their phone, then the user may receive alink to download module 201 onto their phone (step 622), the message maybe sent in clear text, the message may be skipped, an anonymous messageretrieval method (as discussed above) may be utilized, and/or the like.

In various embodiments, with continued reference to FIG. 12, a userdownloads module 201 (step 624). When the user elects to send a messagefrom its phone to the phone of another user or third party (step 626),the user enters one or more phone numbers to send a message to in itsphone (alternatively, the user may select from a secure address book onthe user's phone) (step 628). For example, using a secure address book,the user can import their general address book content (from theirphone) into their secure SMS address book (e.g., located in a databasecreated by module 201). The information in the secure SMS address bookis encrypted and stored on the phone. In this manner, if the phone islost or stolen, those with access to the phone may be prevented fromextracting personal contact information (or other sensitive information)from the phone.

The user's message is encrypted and sent to gateway 115 (step 630). Aspreviously discussed, a determination is made as to whether thereceiving user has module 201 loaded on its phone (step 612). If theuser has module 201 loaded on its phone, then the user receives a secureSMS or MMS message on their phone in module 201 (step 614). Anacknowledgement (for example, a delivery confirmation) is sent back tothe sender of the message (step 616). Once the receiving user opens themessage it received (step 618), then another acknowledgement (forexample, a read confirmation) is sent to the sender via server 15 orgateway 115 confirming that the user opened the message (step 620). Incertain embodiments, when a user replies to or forwards a message, amessage identification is included in the message to enable tracking ofwhich message was replied to, forwarded, and the like. In someembodiments, additional information may be embedded into the message,for example a total number of messages, a number representing thesub-message in the message chain, and the like. In this manner, a“thread” of related messages may be managed.

In various embodiments, the sender could log into a website associatedwith server 15 or gateway 115 to determine if the message has beendelivered and opened. In another example, when the receiving user opensthe message, module 201 automatically deletes the message within apredetermined period of time after the message is opened. In anotherexample, when the receiving user opens and closes the message, module201 automatically deletes the message (either immediately or within apredetermined period of time after the message is closed). Server 15,gateway 115, or module 201 can create such an automatic deletion processby including a field in the header of the message (or in the body of themessage) with a command to delete the message upon one of the exemplaryevents (or other defined event, time period, and the like). Users andthird parties can view the status of every message. For sent messages,users and third parties can tell when each message was sent, when eachmessage was delivered, and when each message was opened (e.g., via time,date, and status information about the message). For example, one ormore icons may be provided (e.g. within module 201, via a web browser,and the like) in order to indicate the status of a particular message(e.g., sent, delivered, read, replied to, forwarded, deleted, and thelike).

In some embodiments, third parties 31, 32, and 33, and/or users 21, 22,and 23 can elect to wipe their phone (e.g., delete one or more items ofinformation or data) remotely. For example, if a phone is lost,misplaced, or no longer being used, wiping the phone of any personalinformation, messages, or other information may be desired. Thirdparties 31, 32, or 33, and/or users 21, 22, or 23 can utilize a secureSMS API or other method to send a wipe command to one or more phones. Inone example, the user can access the third party's website or server 15in order to send a wipe command to the user's phone. Gateway 115authenticates the user, encrypts a wipe command, and sends the encryptedwipe command to the user's phone via a SMS or MMS message, or via othersuitable method (e.g., within the body of a message, in the header of amessage, and the like). Module 201 on the user's phone receives theencrypted wipe command and decrypts the encrypted wipe command. A secureSMS database (created by module 201) on the user's phone is deletedbased on the decrypted wipe command. Moreover, a wipe command may alsoresult in deletion of data other than or in addition to a secure SMSdatabase. For example, via a wipe command, the memory contents of aphone or data for other applications may be at least partially and/orentirely wiped, deleted, reset, and the like. Additionally, module 201can be configured to automatically wipe a secure SMS database and/or anentire phone memory responsive to repeated failed local authorizationattempts or other reasons as desired. In this manner, security of datalocated on a phone may be enhanced.

Moreover, in various embodiments, one or more components of system 100may be configured to log, record, or otherwise monitor communicationsbetween a phone and a server, for example, to detect attempts to “spoof”or otherwise impersonate a phone or other telecommunications device, orotherwise misrepresent the origination or other attributes of one ormore messages. System 100 may also inform a user, a systemadministrator, a third party, and the like, of the contents of suchrecords, for example, attempts to spoof a user's identity or to sendmessages purporting to come from a particular user or a particularmobile device.

Turning now to FIG. 13, in some embodiments, a user sends a message fromone phone to another (e.g., from phone 41, 42, or 43 to phone 41, 42, or43) in a secure manner (step 802). Prior to sending the message, themessage is encrypted on the first phone (e.g., using a first encryptionkey) (step 804). The encrypted message is sent to gateway 115 (or server15) (step 806) and gateway 115 (or server 15) receives the encryptedmessage (step 808). The encrypted message is decrypted at gateway 115(or server 15) (e.g., using the first encryption key) (step 810). Adetermination is made as to whether the message is from one phone toanother of a user (step 812). If the message is not from one phone toanother of a user (e.g., from a user phone to a third party), then themessage is sent to the third parties server, for example using WebServices, Java remote method invocation (RMI), HTTP/S Post, and the like(step 814). A delivery confirmation may then be sent to the phone. Ifthe message is from one phone to another of a user, then the message isencrypted (e.g., using a second encryption key) at gateway 115 (orserver 15) for the recipient user (step 816). The encrypted message issent to the receiving user's phone (step 818). The receiving user'sphone receives the encrypted message. (step 820). A deliveryconfirmation is sent to gateway 115 (or server 15) that the message wasdelivered to the receiving user's phone (step 822). The encryptedmessage is decrypted (e.g., using the second encryption key) at thereceiving user's phone and opened. A delivery confirmation may bedisplayed on the sender's phone by changing the icon associated with thesent message, or may be shown on a status page. Once the receiving useropens the decrypted message, an open acknowledgement or other suitableread confirmation is sent to gateway 115 (or server 15) (step 824).Gateway 115 or server 15 may forward the open acknowledgement to thesender's phone. The open acknowledgement may be displayed on thesender's phone by changing the icon associated with the sent message,may be shown on a status page, and/or the like.

In various embodiments, the original message sent is encrypteddifferently than the message finally received, so that only users orthird parties who have the relevant encrypted key can decrypt, open, andread the message. Each user or third party can have their own uniquekey, so that one user or third party cannot access, open, or readanother user or third party's message. Each unique key can also bechanged as desired, for example periodically, for additional security.Moreover, a user may modify its own encryption key manually or at aspecific time interval. This key change made by the user is communicatedto gateway 115 to keep module 201 in synchronization with gateway 115.Moreover, the encryption key associated with a particular mobile devicemay be stored off the mobile device for additional security.

In certain embodiments, an encryption key associated with a particularmodule 201 may be updated. Gateway 115 is configured with two encryptionkeys per module 201, a current key and a new key. Module 201 isconfigured to use the current key. Responsive to a predeterminedinterval, a key change request from module 201, and/or a key changeinstruction from gateway 115, module 201 is configured to replace thecurrent key with the new key. The current key is kept active on gateway115, and a new key is generated. A key change command, including the newkey, is sent to module 201. The status of module 201 is changed to from“current” to “pending”. Messages to and from module 201 are held in aqueue on gateway 115 until the status of module 201 returns to“current”.

When the key change command is received by module 201, module 201 storesthe new key in place of the current key, and transmits a key changeacknowledgement to gateway 115 using the new key. When gateway 115receives the key change acknowledgement from module 201, the new key iscopied to the current key, and the new key is set to a blank value. Thestatus of module 201 is changed to “current”. Messages in the queue formodule 201 may then be processed utilizing the current key (which wasformerly the new key), and messages sent and/or received using the oldkey (formerly the current key) will fail and may be logged.

In the event module 201 does not return a key change acknowledgementafter a key change command is sent to module 201, gateway 115 mayre-send the key change command to module 201 one or more times. If a keychange acknowledgement is not received from module 201, for examplewithin a predetermined time period, in response to a predeterminednumber of transmitted key change commands, and the like, the status ofmodule 201 may be changed to “suspended”. Moreover, gateway 115 may beconfigured to periodically check all pending key change requests, resendkey change commands, and/or disable one or more modules 201, asappropriate.

If module 201 is suspended responsive to an uncompleted key change, ordisabled by an administrator associated with gateway 115, module 201 maybe required to re-register with gateway 115. Upon re-registration withgateway 115, the status of module 201 may be set to “current” and queuedmessages for module 201 may be processed.

In various embodiments, one or more messages may be queued and/orotherwise stored on gateway 115. Messages queued on gateway 115 may beencrypted via a third encryption key, for example a storage encryptionkey associated with gateway 115. Queued messages may be marked forautomatic or manual processing. Messages marked for automatic processingmay be processed when the associated module 201 returns to “current”status. Messages marked for manual processing may be processed via asystem administrator or other manual process. Messages may be kept in aqueue for a predetermined period of time, for example three days.Messages which have been in a queue longer than a predetermined periodof time may be archived.

As discussed above, in various embodiments, module 201 may have a statusassociated therewith, for example “pending”, “whitelisted”, “current”,“suspended”, “disabled”, and the like. A whitelisted module 201 has beenplaced on a whitelist but has not registered with gateway 115. A currentmodule 201 has registered with gateway 115 and its encryption key isup-to-date. A pending module 201 has registered with gateway 115 and akey change command has been sent to module 201, but a key changeacknowledgement has not yet been received from module 201. A suspendedmodule 201 has registered with gateway 115 and a key change command hasbeen sent to module 201, but a key change acknowledgement has not beenreceived from module 201 within an allowed time, within a predeterminednumber of requests, and the like. A disabled module 201 was onceregistered with gateway 115, but has been disabled by an administratoror other supervisory entity associated with gateway 115, for example inresponse to an unpaid bill, a report of a lost mobile device, repeatedentry of an incorrect password, and the like.

When module 201 is pending, messages may be queued. When module 201 iswhitelisted, messages may be queued. When module 201 is current,messages may be processed. When module 201 is suspended, messages may bequeued. When module 201 is disabled, messages may be flagged as invalidand/or deleted. Moreover, module 201 may be associated with anyappropriate status, and messages associated with module 201 may bequeued, processed, deleted, and the like, in any suitable manner toenable secure communications between module 201 and gateway 115.

A message sender can run reports to determine which messages have beenreceived and/or read/opened. Moreover, server 15 and/or gateway 115 maybe configured to store various information related to a user, forexample a “mirror” or duplicate copy of one or more items of informationstored on a users phone (e.g. personal information, credit cardinformation, identification information, financial information, healthrecords, and the like), records of user messages sent and received, andthe like. Because server 15 and/or gateway 115 may track, monitor,and/or store each message in and out of server 15 and gateway 115 (andwhether the message was delivered and opened, and the like), suchtracking of information can be used for compliancy reports (e.g., underthe Sarbanes-Oxley Act or Federal Information Security Management Act),audit trail evidence, internal company control of information withincompany (e.g., through information technology) or in and out of company,fraud risk assessment and detection, or any other desired use. Sincegateway 115 tracks delivery of every message, gateway 115 can beconfigured to resubmit a message that has not been delivered (e.g., dueto error or any other reason). Gateway 115 can be configured to set theduration between resubmission of a message to a predetermined period oftime or based on the status of the message (e.g., received, opened, andthe like).

Referring now to FIGS. 7 and 8, in a particular embodiment provided asan example, system 202 manages personal information and/or enablessecure communication for any number of users, and includes a SECUREMOBILE INFORMATION MANAGEMENT™ (SMIM) platform 200 and Personal DataProviders 209. SMIM platform 200 is an example of a technology platformfor system 100 which enables mobile phone users (e.g., 21 to 23) to haveaccess to certain personal information via their mobile phone (e.g., 41to 43), in some embodiments, even when there is no signal or internetconnection for the cell phone (e.g., from mobile telephone network 40).In this embodiment, SMIM platform 200 includes one or more blocks ofcode configured to provide the framework and foundation of system 100and encompasses functionality from defining standards under whichdevelopment takes place to defining security, to communication betweencomponents and various core software applications.

In certain embodiments, SMIM platform 200 includes module 201 (e.g.,MICRO AGENT™ module or MICRO AGENT TECHNOLOGY™ (MAT) module) and module203 (e.g., WEB SERVICES module or CELLTRUST WALLET WEB SERVICES™module). In this example of an embodiment, module 201 runs on mobilephones, and is an example of the second software module 72, or a portionthereof, and module 203 is an example of first software module 61, or aportion thereof. In this example, module 203 is a block of code orsoftware that runs on server 15 and that communicates with or exchangesdata with module 201 on the phones, website 65, and secure storage 64,for example. Module 203 may be a communication layer between module 201,website 65, and storage 64, for instance. Module 203 may provide orallow authentication, communication, protocol definition, auditing ofthe integrity of data, prevention of unauthorized access, and so on, andmay allow access to website 65 from the Internet 10. Module 201 allowsusers 21, 22, and 23 to create, send, receive, and store secure SMS andMMS messages via phones 41, 42, and 43.

Module 203 also, in various embodiments, allows third parties (e.g., 31to 33) or Personal Data Providers 209 (e.g., banks, airlines, merchants,health care providers, and the like) to communicate with a customer (forexample, to update their customer's accounts or personal information onstorage 64, website 65, and/or secure areas thereof, to exchangeelectronic medical records in a HIPAA-compliant manner, to provideflight information and/or booking, and so forth). Module 201 or secondsoftware module 72 provides a user interface, local storage,synchronization, and alerts components, in this embodiment on one ormore of phones 41 to 43. Further, in certain embodiments, a userinterface, within mobile phone 41 or second software module 72, maygather information from the user (e.g., 21) and provide information backto the user. For example, Personal Data Providers 209 include financialinstitutions, airlines, retailers, or merchants. Module 203 allowsPersonal Data Providers 209 to update customer accounts or personalinformation such as bank account information and statements, flightinformation, credit card information and charges.

In some embodiments, local storage (e.g., folder 76 on mobile phone 41)enables the application (e.g., second software module 72) to storeinformation (e.g., nuggets 78 and 79 of information) on the phone (e.g.,41), which may provide for faster access, reduce dependence on thenetwork (e.g., mobile phone network 40, the Internet 10, or both), andmay reduce the total cost of ownership by limiting the amount of datacommunication through mobile phone network 40 that takes place (e.g., atthe expense of user 21). In some embodiments, the data (e.g., nuggets 78and 79) on the phone (e.g., 41) is synchronized with data on server 15to ensure that the user (e.g., 21) has access to updated informationboth on their phone (e.g., 41) and on the web (i.e., Internet 10, whichmay be accessed, at least by user 23, through computer 13, forinstance).

In certain embodiments, data is compressed, encrypted, or both, forcommunication with the mobile phone or device (e.g., between module 201and module 203 or between the first software module 61 and the secondsoftware module 72). In addition, in some embodiments, alerts mayprovide substantially real time notification of various events oractivities that can be sent to a phone (e.g., 41) running module 201 (anexample of module 72, or a portion thereof). For example, alerts mayinform the user of an important or critical event such as a largewithdrawal from their account or a flight cancellation, flight changes,gate changes, or the like. In addition, in some embodiments, module 207provides a middle tier between users (e.g., 23) operating on theircomputers (e.g., 13) and module 205, module 201, or both. In someembodiments, module 203 may provide information (e.g., from PersonalData Providers 209) to module 207, which may then be provided to module205, module 201 (e.g., on the mobile phones), or both.

As used herein. “passive” or “passively” means to not be powered by thebattery or electrical system of the phone or electrically connected tothe phone (or another battery or electrical system). Further, as usedherein, in this context, the “component” of the phone excludesdisposable packaging for the phone (that may contain a bar code forproduct sales or tracking purposes, for example). Further, in someembodiments, the component is comprises a back of the mobile phone, abattery cover of the mobile phone, a battery for the mobile phone or acase for the mobile phone, as examples.

With further reference to FIG. 7, website 65 may include a main or homepage (or more than one such page) to which new users and new thirdparties may be directed. New users may be directed to this page or pagesor to website 65 by search engines, advertisers, brokers, agents, or thelike, as examples. Users (e.g., 21 to 23) may be assigned (or asked toelect) user names, user ID's, passwords, and/or the like, which they mayuse to access secure areas or pages of website 65, for example, wheretheir personal information may be entered, displayed, updated, and/orthe like. In some embodiments, security of such areas may be provided,for example, using novel systems and methods which may be describedherein, for instance. In some embodiments, these secure areas mayinclude information entered by third parties (e.g., 31, 32, and 33).Further, in some embodiments, third parties (e.g., 31 to 33) may havetheir own secure areas (e.g., that are password protected, or protectedas described herein), for example, within website 65 or on server 15 oranother server, in which the third parties (e.g., some or all of 31, 32,and 33) may be able to enter, view, update, or a combination thereof,information for a number of users.

In some embodiments, the first software module 61 filters the personalinformation and selects nuggets of the personal information which thefirst software module 61 sends to the mobile phone (e.g., 41) of theappropriate user (e.g., 21). As used herein, a “nugget of information”is a discrete piece of information that is a subset of the totalinformation. Nuggets of information may be in digital form, for example,and may be in text form, in the form of numbers or values, or acombination thereof, as examples. In some embodiments, nuggets mayinclude pictures, text, graphics, or the like, as further examples.These nuggets may be sent, for example, through mobile phone network 40,for instance, and may be sent as text, MMS messages, or SMS messages,for instance. In some embodiments, server 15 may access mobile phonenetwork 40 through the Internet 10, for example.

In various embodiments, a second software module 72, is operating (e.g.,independently) on more than one of the mobile phones (e.g., 41 to 43,although module 72 is shown only on phone 41). Further, in thisembodiment, the second software module 72 is configured to receive thenuggets of the personal information of the user (e.g., 21) from thefirst software module 61 through the Internet 10 and through mobilephone network 40, and to store the personal information on mobile phone41 so that the personal information may later be accessed by user 21,for example, even when mobile phone 41 is not connected to mobile phonenetwork 40. User 21 may access the personal information, for instance,by viewing folder 76 containing nuggets 78 and 79, which may beorganized by subject matter, for example. One such subject may befinancial information, for example, which may include account balances,transaction records, and the like, and another such subject, in someembodiments, may be travel information, as another example, which mayinclude, for example, flight departure times and locations, and thelike. Other examples of subjects are described herein, and includeinsurance information, bank card information, medical records,appointments, and the like.

In some such embodiments, for multiple users (e.g., 21 to 23), secondsoftware module 72 is downloadable by the users from first softwaremodule 61 to the mobile phones (e.g., 41 to 43), for example, throughwebsite 65, through the Internet 10, through mobile phone network 40, ora combination thereof. Further, in some embodiments, for many of theusers (e.g., 21 to 23), first software module 61 includes instructionsto search some or all of the e-mails received for or to the users (e.g.,21 to 23) for keywords, identifying numbers, or both, and to select thenuggets (e.g., 78 and 79) of the personal information from the e-mailsusing the keywords, identifying numbers, or both. For example, softwaremodule 61 may search e-mails received for a specific user (e.g., 21, 22,or 23) for account numbers, flight numbers, names of third parties(e.g., one or more of 31, 32, and 33), etc., and may extract nuggets ofinformation pertaining thereto. In some embodiments, software module 61may search all e-mails (e.g., sent to particular users), while in otherembodiments, only e-mails from certain sources, or certain e-mailaddresses may be searched.

In addition, in some such embodiments, for many or all of the users,second software module 72 contains instructions to allow the user (e.g.,21) to select at least a portion of the personal information that isstored on the mobile phone (e.g., select nugget 78), select or enter anidentifier of at least one of a different party (e.g., 22) and adifferent party mobile phone (e.g., 42), and elect to send the personalinformation (e.g., nugget 78) to the different party mobile phone (e.g.,42). Examples of such a different party are other users, for instance,for user 21, users 22 and 23 may be different parties, and their phones42 and 43 may be different party mobile phones. Examples of such anidentifier include the name of the different party, the phone number forthe different party, a user identification number, etc. In manyembodiments, for multiple users, the first software module 61 furthercontains instructions to evaluate whether the different party mobilephone has certain functionality or contains a copy of particularsoftware, such as second software module 72.

In some such embodiments, if the different party mobile phone contains acopy of the second software module 72, for example, then the firstsoftware module 61 may send the (at least a) portion of the personalinformation to the copy of the second software module 72 on thedifferent party mobile phone, for instance, through mobile phone network40, the Internet 10, or both. On the other hand, in some embodiments, ifthe different party mobile phone does not contain a copy of the secondsoftware module 72, for example, or in some cases other software havingadequate equivalent functionality, then the first software module 61 maysend the (at least a) portion of the personal information to thedifferent party mobile phone, in another form, for instance, in the formof a standard e-mail or text message.

In addition, in some embodiments, for many or all of the users, firstsoftware module 61 contains instructions to receive a command from theuser (e.g., one of users 21 to 23), for instance, through mobile phonenetwork 40, to dispute a financial transaction for a particular accountdescribed in the nuggets of the personal information. In particularembodiments, for example, upon the receipt of the command, firstsoftware module 61 may contain instructions to transmit a dispute of thetransaction to a manager of the particular account through a network,such as Internet 10, for example. The manager of the account may bethird party 33, for example, and may be a bank or financial institution,for instance. Such a dispute of the transaction may be transmitted tothe third party (e.g., 33) in the form of an e-mail or a text message,for example, sent via the Internet 10, mobile phone network 40, or both,while in other embodiments, a dispute of a transaction may be sentthrough a private or financial network, as another example.

In various embodiments, software module 72, software module 61, and/orvarious other components may be configured to support a particularapplication and/or user group, for example mobile banking, entry ofhealth care information, domain registration, airline check-in, intra-and inter-government agency communication, enterprise communication, andthe like.

Further, in some embodiments, some or all of the mobile phones (e.g., 41to 43) may be configured to transmit, receive, or both, local signals.For example, mobile phone 42 includes local transmitter, receiver,antenna, or a combination thereof, local communication device 82, which,in this embodiment, communicates with reader or local communicationdevice 88. In different embodiments, device 88 may read signals, sendsignals, or both. Communications devices 82 and 88 may exchange signalsin one or both directions through near-field communications, a personalarea network, Bluetooth, bar codes, WiFi, or the like, as examples.

Various embodiments also include second software module 77 for running(e.g., that is running) on the user's mobile phone (e.g., theappropriate one of phones 41 to 43). Second software module 77 mayinclude programming instructions to store (e.g., in folder 76) theparticular information on the user's mobile phone (e.g., the appropriateone of phones 41 to 43), and provide access to the particularinformation by the user (e.g., one of users 21 to 23). Such a secondsoftware module 77 may be recorded on a computer readable medium, forinstance, such as a hard drive, random access memory (RAM) read onlymemory (ROM), a disk, a memory stick, or the like, as examples.

In some embodiments, second software module 77 may be stored or recordedon a server (e.g., server 15), for downloading onto the user's mobilephone (e.g., the appropriate one or more of phones 41 to 43). In anumber of embodiments, second software module 77 may be recorded onmemory within the user's mobile phone (e.g., the appropriate one ofphones 41 to 43), for example. Such a second software module 77 may be,for example, part of software module 72 shown in FIG. 7 on mobile phone41. The particular information may be, include, or be included within,for example, the nuggets 78, 79, or both, for instance, as describedherein.

Further, in some embodiments, first software module 67 or 61 includesprogramming instructions to encrypt the particular information beforesending the particular information to the user's mobile phone (e.g.,41). In some embodiments, second software module 77 or 72 includesprogramming instructions to decrypt the particular information. Evenfurther, in some embodiments, first software module 67 or 61 includesprogramming instructions to compress the particular information beforesending the particular information to the user's mobile phone (e.g.,41). And in some embodiments, second software module 77 or 72 includesprogramming instructions to decompress the particular information.Decryption and compression may be used together or separately indifferent embodiments.

In some embodiments, for example, for one or more of multiple users(e.g., users 21 to 23), the particular information includes financialaccount information, which may include, for instance, amounts ofwithdrawals or debits from an account, such as a financial or bankaccount. In certain embodiments, the (e.g., at least one) threshold maybe, or include, the amount of a withdrawal or debit, for example, andfirst software module 67 or second software module 77 (or both) mayinclude programming instructions to provide an alarm to the user [e.g.,the appropriate one (or more) of users 21 to 23] if a withdrawal or adebit (or both) exceeds the threshold. In another example, in someembodiments, for each of a number of the users (e.g., users 21 to 23),the particular information includes travel information, which includes adeparture time, a departure location (e.g., a departure gate), or both.In some such embodiments, first software module 67 or second softwaremodule 77 (or both) includes programming instructions to provide analarm if there is a change in the departure time or the departurelocation (or both), as examples. In other embodiments, alarms may beprovided for other thresholds or other criteria.

In the embodiment illustrated, method 400 also includes monitoring thelocation of a first mobile phone (act 424), which may be possessed by aparticular individual, for example. Such monitoring may be, for example,continuous, at regular intervals of time, during certain times of theday, or the like, which may be selectable by the user in someembodiments. In some embodiments, the frequency of monitoring may beincreased if the particular individual is near a region of concern. Inthe embodiment illustrated, method 400 also includes evaluating whetherthe first phone is near or within a region (act 428), for example, ofconcern, and providing an alarm (act 432), for example, through a secondmobile phone, when the first mobile phone passes into a region ofconcern, or within a predetermined distance of a region of concern. Sucha predetermined distance may be, for example, 25 feet, 50 feet, 75 feet,100 feet, 200 feet, 300 feet, 500 feet, or the like, and may be userselectable, in some embodiments. In addition, or instead of alarming atthe second phone, in some embodiments, an alarm may be provided (e.g.,in act 432) at the first mobile phone, which may be the same or adifferent alarm, in different embodiments.

In other embodiments, regions of concern may be for other threats, suchas traffic hazards, pollution or toxic waste sites, areas of highradioactivity, industrial areas, neighborhoods with high crime rates,gang-controlled areas, quarantine areas, areas with insect infestations,high-drug use or dealing areas, bars, adult establishments, houses ofprostitution, gambling establishments, construction areas, areas ofsevere weather, areas of fighting in theater of war, forbidden areas,foreign territory, private land, areas below high tide, areas whererip-tides occur, areas of shallow water, coastlines, or other maritimenavigational hazards, etc. Besides protecting children, embodiments maynotify (e.g., in act 432), protect, or both, individuals with substanceabuse, alcohol, or gambling problems, police officers, fire fighters,probation officers, parole officers, census workers, soldiers, deliverypersonnel, salesmen, missionaries, sailors, etc. In some embodiments,the alarm (e.g., provided in act 432) may be provided to the firstphone, in addition to, or instead of the second phone.

Referring now to FIGS. 7 and 10, in a particular embodiment provided asan example, SECURE INFORMATION MANAGEMENT (SMIM) includes a platform forsystem 100 which enables mobile phone users (e.g., 21 to 23) to haveaccess to certain personal information via their mobile phone (e.g., 41to 43), even when there is no signal or internet connection for the cellphone (e.g., from mobile telephone network 40). In this embodiment, SMIMincludes one or more blocks of code that provide the framework andfoundation of system 100 and encompasses functionality from definingstandards under which development takes place to defining security, tocommunication between components and various core software applications.

In certain embodiments. SMIM includes MICRO AGENT and WEB SERVICES. Inthis example of an embodiment, MICRO AGENT runs on mobile phones, and isan example of the second software module 72, or a portion thereof, andWEB SERVICES is an example of first software module 61, or a portionthereof. In this example, WEB SERVICES is a block of code or softwarethat runs on server 15 and that communicates with or exchanges data withMICRO AGENT on the phones, website 65, and secure storage 64, forexample. WEB SERVICES may be a communication layer between MICRO AGENT,website 65, and storage 64, for instance. WEB SERVICES may provide orallow authentication, communication, protocol definition, auditing ofthe integrity of data, prevention of unauthorized access, and so on, andmay allow access to website 65 from the Internet 10.

Still another embodiment implements a method of eliminating a need tocarry a card. This example of a method includes replacing an oldcomponent of a mobile phone with a new component. In some embodiments,the new component includes at least one of a back, a battery cover, abattery, and a case for the mobile phone, as examples. In someembodiments, the new component includes a magnetic code area configuredto produce a magnetic code to be read by a card reader (e.g., device 88)when the phone is passed in close proximity to the card reader. Otherembodiments can use a bar code, as another example.

Benefits, other advantages, and solutions to problems have beendescribed herein with regard to specific embodiments. However, thebenefits, advantages, solutions to problems, and element(s) that maycause benefit, advantage, or solution to occur or become more pronouncedare not to be construed as critical, required, or essential features orelements of the claims. Reference to an element in the singular is notintended to mean “one and only one” unless explicitly so stated, butrather “one or more.” As used herein, the terms “comprises”,“comprising”, or a variation thereof, are intended to cover anon-exclusive inclusion, such that a process, method, article, orapparatus that comprises a list of elements does not include only thoseelements but may include other elements not expressly listed or inherentto such process, method, article, or apparatus. Further, no elementdescribed herein is required for practice unless expressly described as“essential” or “critical”. Moreover, those skilled in the art willrecognize that changes and modifications may be made to the exemplaryembodiments without departing from the scope of the present invention.Thus, different embodiments may include different combinations,arrangements and/or orders of elements or processing steps describedherein, or as shown in the drawing figures. For example, the variouscomponents, elements or process steps may be configured in alternateways depending upon the particular application or in consideration ofcost. These and other changes or modifications are intended to beincluded within the scope of the present invention, as set forth in thefollowing claims.

What is claimed is:
 1. A system for tracking and archivingcommunications between a mobile device and a telephone, the systemcomprising: a gateway configured for receiving communications from andsending communications to a mobile software application that can beinstalled on a mobile device; a PBX system including at least one phonenumber associated with a user of a first mobile device having a copy ofthe mobile software application wherein the mobile software applicationoriginates a communication with the gateway directed to a telephone;wherein the gateway is configured so that: upon receiving acommunication from the first mobile software application directed to atelephone, determining if the telephone can receive a communication withthe mobile software application; if the gateway determines that thetelephone can receive a communication with the mobile softwareapplication, sending the communication to the mobile softwareapplication on the telephone; and if the gateway determines that thetelephone cannot receive communications via the mobile softwareapplication, sending the communication to the telephone via at least oneof the PBX system and the phone number associated with the user of thefirst mobile device; and wherein the gateway is configured forautomatically sending a copy of the received communication to anarchiving system.
 2. The system of claim 1 wherein the communication caninclude one or more of text, multimedia, voice or video information. 3.The system of claim 1 wherein the archiving system is configured for atleast one of: preserving the communication; searching for thecommunication; reviewing the communication; and producing thecommunication for electronic discovery.
 4. The system of claim 1 whereinthe archiving system comprises an email archiving system and the gatewayis further configured for formatting the communication so that the emailarchiving system can import the communication.
 5. The system of claim 1wherein automatically sending a copy of the received communication tothe archiving system comprises at least one of reformatting thecommunication, creating metadata associated with the communication,associating tags with the communication, encrypting the communication,compressing the communication and transmitting the communication.